VARIoT IoT vulnerabilities database

VAR-202311-1603 CVE-2023-28563 Vulnerabilities in multiple Qualcomm products CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
Information disclosure in IOE Firmware while handling WMI command. AQT1000 firmware, AR8031 firmware, AR8035 Unspecified vulnerabilities exist in multiple Qualcomm products, including firmware. Information may be obtained
VAR-202311-1527 CVE-2023-22388 Out-of-bounds write vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Memory Corruption in Multi-mode Call Processor while processing bit mask API. 315 5g iot modem firmware, 9205 lte modem firmware, 9206 lte modem Several Qualcomm products, such as firmware, contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202311-0169 CVE-2023-20702 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895
VAR-202311-0148 CVE-2023-4625 Vulnerability related to inappropriate restriction of excessive authentication attempts in multiple Mitsubishi Electric products CVSS V2: -
CVSS V3: 5.3
Severity: MEDIUM
Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F/iQ-R Series CPU modules Web server function allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a certain period after the attacker has attempted to log in illegally by continuously attempting unauthorized login to the Web server function. The impact of this vulnerability will persist while the attacker continues to attempt unauthorized login. fx5u-32mt/es firmware, fx5u-64mt/es firmware, fx5u-80mt/es Multiple Mitsubishi Electric products, including firmware, contain a vulnerability related to improper restriction of excessive authentication attempts. Service operation may be interrupted (DoS).
VAR-202311-0339 CVE-2023-32840 CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation. Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862)
VAR-202311-0293 CVE-2023-4217 Vulnerability to disclosure of resources to the wrong area in Moxa Inc. eds-g503 firmware CVSS V2: 2.6
CVSS V3: 5.3
Severity: MEDIUM
A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation. Moxa Inc. eds-g503 firmware contains a vulnerability related to disclosure of resources to the wrong area. Information may be obtained. MOXA PT-G503 is a series of Layer 2 managed switches from China's MOXA company
VAR-202311-0287 CVE-2023-4452 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
A denial-of-service vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger a device reboot
VAR-202310-1596 CVE-2023-46978 Vulnerability related to lack of authentication for critical functions in TOTOLINK x6000r firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control. Attackers can reset login password & WIFI passwords without authentication. TOTOLINK x6000r firmware has a lack of authentication vulnerability for critical functionality. Information may be tampered with. TOTOLINK X6000R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. TOTOLINK X6000R V9.4.0cu.852_B20230719 version has an access control error vulnerability. This vulnerability is caused by improper access control on the device
VAR-202310-1500 CVE-2023-46977 Out-of-bounds write vulnerability in TOTOLINK lr1200gb firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
TOTOLINK LR1200GB V9.1.0u.6619_B20230130 was discovered to contain a stack overflow via the password parameter in the function loginAuth. An out-of-bounds write vulnerability exists in TOTOLINK lr1200gb firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's Zeon Electronics (TOTOLINK) company. TOTOLINK LR1200GB V9.1.0u.6619_B20230130 version has a buffer overflow vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202310-1531 CVE-2023-46129 Vulnerability related to the use of hard-coded encryption keys in NATS Server and nkeys CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server 2.10 (Sep 2023) and newer for authentication callouts. In nkeys versions 0.4.0 through 0.4.5, corresponding with NATS server versions 2.10.0 through 2.10.3, the nkeys library's `xkeys` encryption handling logic mistakenly passed an array by value into an internal function, where the function mutated that buffer to populate the encryption key to use. As a result, all encryption was actually to an all-zeros key. This affects encryption only, not signing. FIXME: FILL IN IMPACT ON NATS-SERVER AUTH CALLOUT SECURITY. nkeys Go library 0.4.6, corresponding with NATS Server 2.10.4, has a patch for this issue. No known workarounds are available. For any application handling auth callouts in Go, if using the nkeys library, update the dependency, recompile and deploy that in lockstep. NATS Server and nkeys contain vulnerabilities related to the use of hard-coded encryption keys and vulnerabilities related to flaws in the encryption process. Information may be obtained
VAR-202310-1550 CVE-2023-46992 Vulnerabilities in TOTOLINK a3300r firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are able to reset several critical passwords without authentication by visiting specific pages. TOTOLINK a3300r firmware contains unspecified vulnerabilities. Information may be tampered with. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company
VAR-202310-1634 CVE-2023-39610 Resource exhaustion vulnerability in TP-LINK Technologies tapo c100 firmware CVSS V2: 6.1
CVSS V3: 6.5
Severity: MEDIUM
An issue in TP-Link Tapo C100 v1.1.15 Build 211130 Rel.15378n(4555) and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted web request. TP-LINK Technologies tapo c100 firmware has a resource exhaustion vulnerability. Service operation may be interrupted (DoS). TP-LINK Tapo C100 is a network camera device produced by China Pulian (TP-LINK) Company. TP-LINK Tapo C100 has a denial-of-service vulnerability. This vulnerability is caused by incorrect processing of input error messages
VAR-202310-1694 CVE-2023-46979 Command injection vulnerability in TOTOLINK x6000r firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
TOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function. TOTOLINK x6000r firmware contains a command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK X6000R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. TOTOLINK X6000R V9.4.0cu.852_B20230719 version has a command execution vulnerability. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution
VAR-202310-1644 CVE-2023-46993 Command injection vulnerability in TOTOLINK a3300r firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
In TOTOLINK A3300R V17.0.0cu.557_B20221024 when dealing with setLedCfg request, there is no verification for the enable parameter, which can lead to command injection. TOTOLINK a3300r firmware contains a command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. There is a command execution vulnerability in the TOTOLINK A3300R V17.0.0cu.557_B20221024 version. An attacker can exploit this vulnerability to potentially cause command injection
VAR-202310-1178 CVE-2023-46289 Rockwell Automation FactoryTalk View SE Input Validation Error Vulnerability (CNVD-2024-37628) CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data bringing the product offline. If exploited, the product would become unavailable and require a restart to recover resulting in a denial-of-service condition. Rockwell Automation FactoryTalk View SE is an industrial automation system view interface from Rockwell Automation of the United States. Rockwell Automation FactoryTalk View SE has a security vulnerability that a remote attacker can exploit to submit a special request that can take the product offline and cause a denial of service attack
VAR-202310-1121 CVE-2023-46290 Rockwell Automation FactoryTalk Services Platform Authorization Issue Vulnerability CVSS V2: 7.6
CVSS V3: 8.1
Severity: HIGH
Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in to FactoryTalk® Services Platform. This vulnerability can only be exploited if the authorized user did not previously log in to the FactoryTalk® Services Platform web service. Rockwell Automation FactoryTalk Services Platform is a service platform composed of multiple products from Rockwell Automation, an American company. It provides general services for applications, such as diagnostic information, health monitoring, and real-time data access. The vulnerability is caused by insufficient code logic
VAR-202310-1098 CVE-2023-27854 Out-of-bounds read vulnerability in Rockwell Automation arena simulation CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. The user would need to open a malicious file provided to them by the attacker for the code to execute. Rockwell Automation arena simulation contains an out-of-bounds read vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Rockwell Automation Arena Simulation Software is a set of simulation software from Rockwell Automation, an American company, that provides 3D animation and graphics functions
VAR-202310-1140 CVE-2023-42406 SQL injection vulnerability in D-Link Systems, Inc. dar-7000 firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
SQL injection vulnerability in D-Link Online behavior audit gateway DAR-7000 V31R02B1413C allows a remote attacker to obtain sensitive information and execute arbitrary code via the editrole.php component. D-Link Systems, Inc. dar-7000 firmware has an SQL injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202310-2140 CVE-2023-46574 TOTOLINK A3700R command execution vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. TOTOLINK A3700R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. There is a command execution vulnerability in the TOTOLINK A3700R v9.1.2u.6165_20211012 version
VAR-202310-1948 CVE-2023-46539 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function registerRequestHandle.