VARIoT news about IoT security

Trust: 3.0

Fetched: June 1, 2025, 9:04 a.m., Published: May 13, 2025, 9:40 p.m.
Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-4428, CVE-2025-4427
Related entries in the VARIoT vulnerabilities database: VAR-202304-1067

Trust: 4.75

Fetched: May 30, 2025, 9:40 a.m., Published: May 28, 2025, 11:19 p.m.
Vulnerabilities: traffic interception
Affected productsExternal IDs
vendor: cisco model: rv016
vendor: cisco model: routers
vendor: cisco model: rv325
vendor: cisco model: rv082
vendor: cisco model: series
vendor: cisco model: small business
vendor: cisco model: router
vendor: cisco model: cisco small business
vendor: cisco model: rv042
vendor: barracuda model: barracuda
db: NVD ids: CVE-2023-20118

Trust: 3.25

Fetched: May 30, 2025, 9:40 a.m., Published: -
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-41438

Trust: 3.25

Fetched: May 30, 2025, 9:40 a.m., Published: Jan. 30, 7479, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Trust: 4.75

Fetched: May 30, 2025, 9:39 a.m., Published: May 16, 2025, 8:20 a.m.
Vulnerabilities: path traversal, certificate validation vulnerability, command execution...
Affected productsExternal IDs
vendor: mitel model: micollab
db: NVD ids: CVE-2024-55550, CVE-2024-41713, CVE-2025-30712, CVE-2024-48865

Trust: 3.75

Fetched: May 30, 2025, 9:39 a.m., Published: May 28, 2025, midnight
Vulnerabilities: script execution
Affected productsExternal IDs
vendor: winscp model: winscp

Trust: 4.75

Fetched: May 30, 2025, 9:38 a.m., Published: May 14, 2025, 4 p.m.
Vulnerabilities: privilege management vulnerability
Affected productsExternal IDs
vendor: palo model: palo alto networks globalprotect
vendor: palo model: networks
vendor: palo model: networks globalprotect
vendor: palo alto networks model: palo alto networks globalprotect
vendor: palo alto networks model: networks
vendor: palo alto networks model: networks globalprotect
db: NVD ids: CVE-2025-0131
Related entries in the VARIoT vulnerabilities database: VAR-202109-0375, VAR-202312-2070

Trust: 4.75

Fetched: May 30, 2025, 9:37 a.m., Published: May 6, 2025, 4:10 p.m.
Vulnerabilities: session hijacking, command injection, os command injection
Affected productsExternal IDs
vendor: sonicwall model: sma 100
vendor: sonicwall model: secure mobile access
vendor: sonicwall model: ssl-vpn
vendor: sonicwall model: sma100
db: NVD ids: CVE-2021-20035, CVE-2023-44221, CVE-2024-38475
Related entries in the VARIoT vulnerabilities database: VAR-202309-0729

Trust: 4.5

Fetched: May 30, 2025, 9:37 a.m., Published: May 29, 2025, 8:15 a.m.
Vulnerabilities: command injection, command execution
Affected productsExternal IDs
vendor: asus model: routers
vendor: asus model: asus
vendor: asus model: router
db: NVD ids: CVE-2023-39780

Trust: 6.0

Fetched: May 30, 2025, 9:26 a.m., Published: Jan. 30, 7481, midnight
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-21587, CVE-2025-30691, CVE-2025-30698
Related entries in the VARIoT vulnerabilities database: VAR-202505-0077

Trust: 5.25

Fetched: May 30, 2025, 9:26 a.m., Published: May 6, 2025, 11:31 a.m.
Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dir-600l
db: NVD ids: CVE-2025-4349

Trust: 3.0

Fetched: May 30, 2025, 9:25 a.m., Published: May 29, 2025, noon
Vulnerabilities: -
Affected productsExternal IDs

Trust: 6.0

Fetched: May 30, 2025, 9:24 a.m., Published: Jan. 30, 7482, midnight
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-21587, CVE-2025-30691, CVE-2025-30698

Trust: 3.0

Fetched: May 30, 2025, 9:24 a.m., Published: May 30, 2025, midnight
Vulnerabilities: -
Related entries in the VARIoT vulnerabilities database: VAR-202505-1884

Trust: 3.25

Fetched: May 30, 2025, 9:23 a.m., Published: May 8, 2025, 4:14 a.m.
Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-32756

Trust: 3.5

Fetched: May 30, 2025, 9:22 a.m., Published: May 30, 2025, 1:23 a.m.
Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: asus model: routers
vendor: asus model: asus

Trust: 3.75

Fetched: May 30, 2025, 9:22 a.m., Published: May 28, 2025, 3:01 p.m.
Vulnerabilities: command injection, arbitrary command execution, command execution...
Affected productsExternal IDs
db: NVD ids: CVE-2025-40099, CVE-2025-4009

Trust: 4.5

Fetched: May 30, 2025, 9:21 a.m., Published: May 22, 2025, 12:19 p.m.
Vulnerabilities: device impersonation, code execution
Affected productsExternal IDs
vendor: apple model: apple tv
db: NVD ids: CVE-2025-24132, CVE-2025-24252

Trust: 3.75

Fetched: May 30, 2025, 9:21 a.m., Published: Jan. 30, 7473, midnight
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: ghostscript model: ghostscript
vendor: canonical model: ubuntu

Trust: 3.0

Fetched: May 30, 2025, 9:20 a.m., Published: May 30, 2025, 5:29 a.m.
Vulnerabilities: command injection, code execution
Affected productsExternal IDs