Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iot sec vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-11956
An issue exists on Rittal PDU-3C002DEC up to and including 5.17.10 and CMCIII-PU-9333E0FB up to and including 3.17.10 devices. There is a least privilege violation.
Rittal Cmciii-pu-9333e0fb Firmware
Rittal Pdu-3c002dec Firmware
Rittal Cmc Iii Pu 7030.000 Firmware
Rittal Lcp-cw Firmware
Rittal Iot Interface 3124.300
9.8
CVSSv3
CVE-2020-11951
An issue exists on Rittal PDU-3C002DEC up to and including 5.17.10 and CMCIII-PU-9333E0FB up to and including 3.17.10 devices. There is a Backdoor root account.
Rittal Cmciii-pu-9333e0fb Firmware
Rittal Pdu-3c002dec Firmware
Rittal Cmc Iii Pu 7030.000 Firmware
Rittal Lcp-cw Firmware
Rittal Iot Interface 3124.300
9.8
CVSSv3
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
9.8
CVSSv3
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
9.8
CVSSv3
CVE-2014-9984
nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.
Gnu Glibc
9.8
CVSSv3
CVE-2016-2148
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to have unspecified impact via vectors involving OPTION_6RD parsing.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
8.8
CVSSv3
CVE-2020-11953
An issue exists on Rittal PDU-3C002DEC up to and including 5.15.40 and CMCIII-PU-9333E0FB up to and including 3.15.70_4 devices. Attackers can execute code.
Rittal Cmciii-pu-9333e0fb Firmware
Rittal Pdu-3c002dec Firmware
Rittal Cmc Iii Pu 7030.000 Firmware
Rittal Lcp-cw Firmware
Rittal Iot Interface 3124.300
8.8
CVSSv3
CVE-2020-11955
An issue exists on Rittal PDU-3C002DEC up to and including 5.15.70 and CMCIII-PU-9333E0FB up to and including 3.15.70 devices. There are insecure permissions.
Rittal Cmciii-pu-9333e0fb Firmware
Rittal Pdu-3c002dec Firmware
Rittal Cmc Iii Pu 7030.000 Firmware
Rittal Lcp-cw Firmware
Rittal Iot Interface 3124.300
8.8
CVSSv3
CVE-2017-16544
In the add_match function in libbb/lineedit.c in BusyBox up to and including 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could pot...
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2020-3611
u'XBL SEC clears only ZI region when loading Qualcomm-signed segments can lead to improper access issue' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, Kamorta, MSM...
Qualcomm Apq8098 Firmware -
Qualcomm Kamorta Firmware -
Qualcomm Msm8998 Firmware -
Qualcomm Qcs404 Firmware -
Qualcomm Qcs605 Firmware -
Qualcomm Sda660 Firmware -
Qualcomm Sda845 Firmware -
Qualcomm Sdm630 Firmware -
Qualcomm Sdm636 Firmware -
Qualcomm Sdm660 Firmware -
Qualcomm Sdm670 Firmware -
Qualcomm Sdm710 Firmware -
Qualcomm Sdm845 Firmware -
Qualcomm Sdm850 Firmware -
Qualcomm Sxr1130 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »