VARIoT IoT vulnerabilities database


VAR-202311-2106 CVE-2023-48804 TOTOLINK X6000R enable parameter command execution vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the sub_4119A0 function in the shttpd file obtains fields from the front-end through the Uci_Set_Str function; when these are passed to the CsteSystem function, a command execution vulnerability results. TOTOLINK X6000R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. TOTOLINK X6000R V9.4.0cu.852_B20230719 has a command execution vulnerability. The vulnerability is caused by the enable parameter of the sub_4119A0 function failing to correctly filter special characters, commands, etc. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution.
VAR-202311-2274 CVE-2023-48812 TOTOLINK X6000R shttpd sub_4119A0 command execution vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the sub_4119A0 function in the shttpd file obtains fields from the front-end through the Uci_Set_Str function; when these are passed to the CsteSystem function, a command execution vulnerability results. TOTOLINK X6000R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. There is a security vulnerability in TOTOLINK X6000R shttpd sub_4119A0. A remote attacker can use this vulnerability to submit special requests and execute arbitrary commands in the application context.
VAR-202311-2358 CVE-2023-45484 Tenda AC10 fromSetWifiGuestBasic function buffer overflow vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic. Tenda AC10 is a wireless router made by China Tenda Company. Tenda AC10 has a buffer overflow vulnerability. This vulnerability is caused by the failure of the shareSpeed parameter of the fromSetWifiGuestBasic function to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202311-2305 CVE-2023-45483 Tenda AC10 compare_parentcontrol_time function buffer overflow vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time. Tenda AC10 is a wireless router made by China Tenda Company. This vulnerability is caused by the time parameter of the compare_parentcontrol_time function failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202311-2319 CVE-2023-45482 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
VAR-202311-2507 CVE-2023-45481 Tenda AC10 SetFirewallCfg function buffer overflow vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg. Tenda AC10 is a wireless router made by China Tenda Company. Tenda AC10 has a buffer overflow vulnerability. This vulnerability is caused by the failure of the firewallEn parameter of the SetFirewallCfg function to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202311-2381 CVE-2023-45480 Tenda AC10 sub_47D878 function buffer overflow vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878. Tenda AC10 is a wireless router made by China Tenda Company. Tenda AC10 has a buffer overflow vulnerability. This vulnerability is caused by the failure of the src parameter of the sub_47D878 function to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202311-2440 CVE-2023-45479 Tenda AC10 sub_49E098 function buffer overflow vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098. Tenda AC10 is a wireless router made by China Tenda Company. The vulnerability is caused by the list parameter of the sub_49E098 function failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202311-2124 CVE-2023-49694 Vulnerability in NETGEAR ProSAFE Network Management System CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM. An unspecified vulnerability exists in NETGEAR ProSAFE Network Management System. Information may be obtained or tampered with, and service operation may be interrupted (DoS). NETGEAR is a router made by the American company NETGEAR, a hardware device that connects two or more networks and acts as a gateway between the networks. There is an access control error vulnerability in NETGEAR ProSAFE Network Management System versions before v1.7.0.26. A remote attacker could exploit this vulnerability to escalate privileges.
VAR-202311-2434 CVE-2023-49044 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set.
VAR-202311-2374 CVE-2023-49047 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName.
VAR-202311-2486 CVE-2023-49042 Tenda AX1803 setSchedWifi function buffer overflow vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi. Tenda AX1803 is a dual-band Gigabit WIFI6 router from China's Tenda Company. Tenda AX1803 v1.0.0.1 version has a buffer overflow vulnerability, which is caused by a boundary error when the application handles untrusted input
VAR-202311-2333 CVE-2023-49040 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
An issue in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the adslPwd parameter in the form_fast_setting_internet_set function.
VAR-202311-2457 CVE-2023-49046 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule.
VAR-202311-2332 CVE-2023-49043 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat.
VAR-202311-1790 CVE-2023-6265 Path traversal vulnerability in DrayTek Corporation Vigor2960 firmware CVSS V2: -
CVSS V3: 8.1
Severity: HIGH
** UNSUPPORTED WHEN ASSIGNED ** Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directory traversal via the mainfunction.cgi dumpSyslog 'option' parameter, allowing an authenticated attacker with access to the web management interface to delete arbitrary files. Vigor2960 is no longer supported. ** Not supported ** This is a vulnerability in an unsupported product. A path traversal vulnerability exists in DrayTek Corporation Vigor2960 firmware. Information may be tampered with, and service operation may be interrupted (DoS).
VAR-202311-1679 CVE-2023-40152 Fuji Electric Tellus Lite V-Simulator V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
When Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file, an out-of-bounds write may occur. It may result in a denial-of-service (DoS) state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of V9 files by the V-Simulator module. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process.
VAR-202311-1677 CVE-2023-5299 Vulnerability in Fuji Electric's Tellus Lite V-Simulator CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
A user with a standard account in Fuji Electric Tellus Lite may overwrite files in the system. An unspecified vulnerability exists in Fuji Electric's Tellus Lite V-Simulator. Information may be obtained or tampered with, and service operation may be interrupted (DoS). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the product installer. The issue results from incorrect permissions set on product folders created by the installer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of any user of the software.
VAR-202311-1678 CVE-2023-35127 Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Stack-based buffer overflow may occur when Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file. An out-of-bounds write vulnerability exists in Fuji Electric's Tellus Lite V-Simulator. Information may be obtained or tampered with, and service operation may be interrupted (DoS). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of V9 files by the V-Simulator 6 module. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
VAR-202311-1972 CVE-2023-20265 Cross-site scripting vulnerability in multiple Cisco Systems products CVSS V2: 4.7
CVSS V3: 5.4
Severity: MEDIUM
A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials to access the web-based management interface of the affected device. Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including IP DECT110 firmware, IP DECT 210 firmware, and Cisco Unified IP Phone 6901 firmware. Information may be obtained and information may be tampered with. Cisco IP Phone is a hardware device of the American company Cisco, an IP phone that provides call functionality.