VARIoT IoT vulnerabilities database
| VAR-202504-0990 | CVE-2025-27938 | Growatt Cloud Applications Authorization Bypass Vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
Unauthenticated attackers can obtain restricted information about a user's smart device collections (i.e., "rooms"). Growatt Cloud Applications is a monitoring platform of China's Growatt
| VAR-202504-0965 | CVE-2025-27568 | Growatt New Energy of Cloud portal Vulnerability in user-controlled key authentication evasion in |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
An unauthenticated attacker can get users' emails by knowing usernames. A password reset email will be sent in response to this unsolicited request. Growatt New Energy of Cloud portal Exists in a user-controlled key authentication evasion vulnerability.Information may be obtained. Growatt Cloud Applications is a monitoring platform of China's Growatt.
Growatt Cloud Applications 3.6.0 and earlier versions have an authorization bypass vulnerability that can be exploited by unauthenticated attackers to obtain user emails by knowing the username, resulting in the sending of password reset emails
| VAR-202504-1784 | CVE-2025-25456 | Shenzhen Tenda Technology Co.,Ltd. of AC10 Classic buffer overflow vulnerability in firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via mac2. Shenzhen Tenda Technology Co.,Ltd. of AC10 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
Tenda AC10 has a buffer overflow vulnerability, which is caused by the mac2 parameter in AdvSetMacMtuWan failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202504-3185 | CVE-2025-22903 | TOTOLINK of n600r Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 4.6 CVSS V3: 4.6 Severity: MEDIUM |
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the pin parameter in the function setWiFiWpsConfig. TOTOLINK of n600r A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK N600R is a wireless router produced by China's TOTOLINK Electronics.
TOTOLINK N600R has a buffer overflow vulnerability. The vulnerability is caused by the pin parameter in the setWiFiWpsConfig function failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to cause a denial of service
| VAR-202504-1797 | CVE-2025-22900 | TOTOLINK of n600r Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Totolink N600R v4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macCloneMac parameter in the setWanConfig function. TOTOLINK of n600r A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK N600R is a wireless router produced by China's TOTOLINK Electronics.
TOTOLINK N600R has a buffer overflow vulnerability. The vulnerability is caused by the macCloneMac parameter in the setWanConfig function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202504-1759 | CVE-2025-28143 | EDIMAX Technology of BR-6478AC V3 Command injection vulnerability in firmware |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the groupname at the /boafrm/formDiskCreateGroup. EDIMAX Technology of BR-6478AC V3 Firmware contains a command injection vulnerability.Information may be obtained and information may be tampered with. Edimax BR-6478AC is a dual-band Gigabit router from China's Edimax.
Edimax BR-6478AC has a command execution vulnerability, which is caused by the groupname parameter in /boafrm/formDiskCreateGroup failing to properly filter special characters and commands in the constructed command. Attackers can exploit this vulnerability to cause arbitrary command execution
| VAR-202504-2758 | CVE-2025-28137 | TOTOLINK of A810R in the firmware OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
The TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter. TOTOLINK of A810R The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A810R is a wireless dual-band router from China's TOTOLINK Electronics. Attackers can exploit this vulnerability to execute arbitrary commands
| VAR-202504-2960 | CVE-2025-28136 | TOTOLINK of a800r Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi. TOTOLINK A800R is a wireless router produced by China's TOTOLINK Electronics. No detailed vulnerability details are currently provided
| VAR-202504-4092 | No CVE | HP Ink Tank Wireless 410 series has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
HP Ink Tank Wireless 410 series is a color inkjet multifunction printer that integrates printing, copying, scanning and wireless functions.
HP Ink Tank Wireless 410 series has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202504-1191 | CVE-2025-3538 | D-Link Systems, Inc. of di-8100 Buffer error vulnerability in firmware |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: High |
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-8100 The firmware contains a buffer error vulnerability, a stack-based buffer overflow vulnerability, and an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8100 is a broadband router designed by D-Link for small and medium-sized network environments.
D-Link DI-8100 has a stack buffer overflow vulnerability. No detailed vulnerability details are currently available
| VAR-202504-0860 | CVE-2025-2441 | Schneider Electric Trio Q Licensed Data Radio Information Disclosure Vulnerability |
CVSS V2: 4.9 CVSS V3: 4.6 Severity: Medium |
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could lead to loss of
confidentiality when a malicious user, having physical access, sets the radio in factory default mode where the
product does not correctly initialize all data. Schneider Electric Trio Q Licensed Data Radio is a radio produced by Schneider Electric of France.
Schneider Electric Trio Q Licensed Data Radio has an information leakage vulnerability. The vulnerability is caused by insecure resource initialization. Attackers can exploit this vulnerability to obtain sensitive information
| VAR-202504-3989 | CVE-2025-26682 | Microsoft's ASP.NET Core and Microsoft Visual Studio Service operation interruption in (DoS) Vulnerability |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. Microsoft's ASP.NET Core and Microsoft Visual Studio includes denial of service (DoS) Vulnerability exists.Denial of service by unauthenticated attackers (DoS) It may be in a state
| VAR-202504-1837 | CVE-2024-48887 | fortinet's FortiSwitch Unverified password change vulnerability in |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request. fortinet's FortiSwitch contains an unverified password change vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiSwitch is a network switch management tool from Fortinet, an American company.
Fortinet FortiSwitch has an authorization issue vulnerability, which stems from unauthenticated password changes. Attackers can exploit this vulnerability to cause the administrator password to be tampered with
| VAR-202504-1464 | CVE-2025-3289 | Rockwell Automation of Arena Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. Rockwell Automation of Arena Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation Arena is discrete-event simulation and automation software from Rockwell Automation
| VAR-202504-2295 | CVE-2025-3288 | Rockwell Automation of Arena Out-of-bounds read vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. Rockwell Automation of Arena Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation Arena is discrete-event simulation and automation software from Rockwell Automation
| VAR-202504-3071 | CVE-2025-3287 | Rockwell Automation of Arena Out-of-bounds read vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. Rockwell Automation of Arena Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation Arena is discrete-event simulation and automation software from Rockwell Automation
| VAR-202504-1882 | CVE-2025-3286 | Rockwell Automation of Arena Out-of-bounds read vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. Rockwell Automation of Arena Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation Arena is discrete-event simulation and automation software from Rockwell Automation
| VAR-202504-1549 | CVE-2025-2829 | Rockwell Automation of Arena Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. Rockwell Automation of Arena Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation Arena is discrete-event simulation and automation software from Rockwell Automation
| VAR-202504-3927 | CVE-2025-2293 | Rockwell Automation of Arena Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. Rockwell Automation of Arena Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation Arena is discrete-event simulation and automation software from Rockwell Automation
| VAR-202504-2788 | CVE-2025-2288 | Rockwell Automation of Arena Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. Rockwell Automation of Arena Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation Arena is discrete-event simulation and automation software from Rockwell Automation