VARIoT IoT vulnerabilities database
| VAR-202501-0795 | CVE-2024-54887 | TP-LINK TL-WR940N Buffer Overflow Vulnerability (CNVD-2025-02852) |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user. TP-LINK TL-WR940N is a wireless router from TP-LINK of China.
TP-LINK TL-WR940N has a buffer overflow vulnerability, which is caused by the boundary error of dnsserver1 and dnsserver2 parameters in /userRpm/Wan6to4TunnelCfgRpm.htm when processing untrusted input
| VAR-202501-0096 | CVE-2025-0349 | Shenzhen Tenda Technology Co.,Ltd. of AC6 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Shenzhen Tenda Technology Co.,Ltd. of AC6 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
Tenda AC6 has a buffer overflow vulnerability, which is caused by a boundary error in the parameter src when processing untrusted input. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202501-1216 | No CVE | ZTE Corporation's ZSRV2 Intelligent Integrated Multi-Service Router has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ZTE Corporation is a leading global provider of integrated communications solutions.
ZTE Corporation's ZSRV2 intelligent integrated multi-service router has a weak password vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202501-0173 | CVE-2025-20123 | Cisco Systems Cisco Crosswork Network Controller Cross-site scripting vulnerability in |
CVSS V2: 6.4 CVSS V3: 4.8 Severity: MEDIUM |
Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users of the interface of an affected system.
These vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by inserting malicious data into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. Cisco Systems Cisco Crosswork Network Controller Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. When the malicious data is viewed, sensitive information can be obtained or user sessions can be hijacked
| VAR-202501-0453 | CVE-2024-45555 | Integer overflow vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 8.4 Severity: HIGH |
Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. MSM8996AU firmware, qam8255p firmware, QAM8295P Multiple Qualcomm products, including firmware, contain an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202501-1053 | CVE-2024-33067 | Out-of-bounds read vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 6.1 Severity: MEDIUM |
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. AR8035 firmware, c-v2x 9150 firmware, CSRB31024 Multiple Qualcomm products, such as firmware, contain an out-of-bounds read vulnerability.Information may be obtained
| VAR-202501-0596 | CVE-2024-20154 | media tech's LR12A Multiple vulnerabilities in multiple products, including |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392. ID : MOLY00720348 and problems ID : MSV-2392 Fixed inAll information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202501-2401 | CVE-2024-20151 | media tech's nr16 and NR17 Out-of-bounds write vulnerability in |
CVSS V2: - CVSS V3: 6.7 Severity: MEDIUM |
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01399339; Issue ID: MSV-1928. media tech's nr16 and NR17 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202501-0708 | CVE-2024-20150 | Untrusted Data Deserialization Vulnerability in Multiple MediaTek Products |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018. LR12A , LR13 , NR15 Multiple MediaTek products contain vulnerabilities related to the deserialization of untrusted data.Service operation interruption (DoS) It may be in a state
| VAR-202501-0476 | CVE-2024-20149 | media tech's LR12 Vulnerabilities related to improper validation of quantities specified in inputs in multiple products, such as |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01231341 / MOLY01263331 / MOLY01233835; Issue ID: MSV-2165. Patch ID teeth MOLY01231341 , MOLY01263331 , MOLY01233835 And the problem ID teeth MSV-2165 is.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202501-0027 | CVE-2024-13108 | D-Link Systems, Inc. of DIR-816 Firmware vulnerabilities |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-816 There are unspecified vulnerabilities in the firmware.Information may be tampered with. D-Link DIR-816 A2 is a wireless router from D-Link of China. Attackers can exploit this vulnerability to set the device's NetSniper
| VAR-202501-0010 | CVE-2024-13107 | D-Link Systems, Inc. of DIR-816 Firmware vulnerabilities |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been classified as critical. This affects an unknown part of the file /goform/form2LocalAclEditcfg.cgi of the component ACL Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-816 There are unspecified vulnerabilities in the firmware.Information may be tampered with. D-Link DIR-816 A2 is a wireless router from D-Link of China. Attackers can exploit this vulnerability to set the local access control list of the device
| VAR-202501-0024 | CVE-2024-13106 | D-Link Systems, Inc. of DIR-816 Firmware vulnerabilities |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/form2IPQoSTcAdd of the component IP QoS Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-816 There are unspecified vulnerabilities in the firmware.Information may be tampered with. D-Link DIR-816 A2 is a wireless router from D-Link of China. Attackers can exploit this vulnerability to set the QoS settings of the device
| VAR-202501-0054 | CVE-2024-13105 | D-Link Systems, Inc. of DIR-816 Firmware vulnerabilities |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
A vulnerability has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/form2Dhcpd.cgi of the component DHCPD Setting Handler. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-816 There are unspecified vulnerabilities in the firmware.Information may be tampered with. D-Link DIR-816 A2 is a wireless router from D-Link of China. Attackers can use this vulnerability to set up the dhcp service of the device
| VAR-202501-0004 | CVE-2024-13104 | D-Link Systems, Inc. of DIR-816 Firmware vulnerabilities |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
A vulnerability, which was classified as critical, was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. Affected is an unknown function of the file /goform/form2AdvanceSetup.cgi of the component WiFi Settings Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-816 There are unspecified vulnerabilities in the firmware.Information may be tampered with. D-Link DIR-816 A2 is a wireless router from D-Link of China. Attackers can use this vulnerability to set the device's 2.4G and 5G advanced settings
| VAR-202501-0033 | CVE-2024-13103 | D-Link Systems, Inc. of DIR-816 Firmware vulnerabilities |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-816 There are unspecified vulnerabilities in the firmware.Information may be tampered with. D-Link DIR-816 is a wireless router from D-Link of China. Attackers can use this vulnerability to set up virtual services on the device
| VAR-202501-0005 | CVE-2024-13102 | D-Link Systems, Inc. of DIR-816 Firmware vulnerabilities |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-816 There are unspecified vulnerabilities in the firmware.Information may be tampered with. D-Link DIR-816 A2 is a wireless router from Taiwan's D-Link. Attackers can exploit this vulnerability to access and operate the DDNS service of the affected router, tamper with the DDNS settings, and obtain sensitive information
| VAR-202412-2435 | CVE-2024-13030 | D-Link Systems, Inc. of DIR-823G Vulnerability regarding improper permission settings in firmware |
CVSS V2: 7.5 CVSS V3: 7.3 Severity: Medium |
A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/SetParentsControlInfo/SetQoSSettings/SetVirtualServerSettings of the file /HNAP1/ of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-823G The firmware contains vulnerabilities related to improper permission settings and access control.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-823G is a wireless router that provides network connectivity and management capabilities for home and small offices. An attacker can exploit this vulnerability to cause unauthorized access control
| VAR-202412-2935 | CVE-2023-52718 | plural Huawei Product vulnerabilities |
CVSS V2: 6.2 CVSS V3: 6.4 Severity: MEDIUM |
A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408)
This vulnerability has been assigned a (CVE)ID:CVE-2023-52718. PT9030-15 firmware, WS7206-10 firmware, WS7290-15 firmware etc. Huawei There are unspecified vulnerabilities in the product.Information is obtained and service operation is interrupted (DoS) It may be in a state. The Huawei WS8700 and other routers are manufactured by the Chinese company Huawei
| VAR-202412-3017 | CVE-2023-7266 | plural Huawei Product vulnerabilities |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-76605)
This vulnerability has been assigned a (CVE)ID:CVE-2023-7266. Huawei of TC7001-10 firmware, WS7200-10 firmware, WS7206-10 There are unspecified vulnerabilities in the firmware.Information is obtained and service operation is interrupted (DoS) It may be in a state