skyvast404/IoT_Hunter

GitHub

github.com

Releases0

Stars5

This rep is used to hunter bugs for IoT.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-27293 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	5 MEDIUM
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.
CVE-2022-27295 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	5 MEDIUM
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formAdvanceSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.
CVE-2022-27294 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	5 MEDIUM
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanWizardSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.
CVE-2022-27279 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	5 MEDIUM
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file read via the function sub_177E0.
CVE-2022-27286 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	7.8 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanNonLogin. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-27273 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.8 CRITICAL	7.5 HIGH
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12168. This vulnerability is triggered via a crafted packet.
CVE-2022-27274 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.8 CRITICAL	7.5 HIGH
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12028. This vulnerability is triggered via a crafted packet.
CVE-2022-27275 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.8 CRITICAL	7.5 HIGH
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_122D0. This vulnerability is triggered via a crafted packet.
CVE-2022-27276 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.8 CRITICAL	7.5 HIGH
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_10F2C. This vulnerability is triggered via a crafted packet.
CVE-2022-27277 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.1 CRITICAL	6.4 MEDIUM
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file deletion vulnerability via the function sub_17C08.
CVE-2022-27268 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.8 CRITICAL	7.5 HIGH
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component get_cgi_from_memory. This vulnerability is triggered via a crafted packet.
CVE-2022-27280 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	5.4 MEDIUM	3.5 LOW
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi.
CVE-2022-27272 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.8 CRITICAL	7.5 HIGH
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_1791C. This vulnerability is triggered via a crafted packet.
CVE-2022-27287 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	7.8 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPPoE. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-27288 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	5 MEDIUM
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPTP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-27289 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	5 MEDIUM
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanL2TP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-27290 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	5 MEDIUM
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanDhcpplus. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-27291 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	7.5 HIGH	5 MEDIUM
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formdumpeasysetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the config.save_network_enabled parameter.
CVE-2022-27271 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.8 CRITICAL	7.5 HIGH
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component python-lib. This vulnerability is triggered via a crafted packet.
CVE-2022-27270 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.8 CRITICAL	7.5 HIGH
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component ipsec_secrets. This vulnerability is triggered via a crafted packet.
CVE-2022-27269 ↗	Apr 10, 2022Sunday, 10 April 2022, 21:15	9.8 CRITICAL	7.5 HIGH
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component config_ovpn. This vulnerability is triggered via a crafted packet.