VARIoT IoT vulnerabilities database
| VAR-202601-4196 | CVE-2026-24429 | Shenzhen Tenda Technology Co.,Ltd. of w30e Firmware vulnerability regarding the use of default passwords |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated access to the management interface. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-4216 | CVE-2026-24428 | Shenzhen Tenda Technology Co.,Ltd. of w30e Fraudulent Authentication Vulnerability in Firmware |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) contain an authorization flaw in the user management API that allows a low-privileged authenticated user to change the administrator account password. By sending a crafted request directly to the backend endpoint, an attacker can bypass role-based restrictions enforced by the web interface and obtain full administrative privileges. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-3938 | CVE-2026-1420 | Shenzhen Tenda Technology Co.,Ltd. of ac23 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A flaw has been found in Tenda AC23 16.03.07.52. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of the argument wpapsk_crypto causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. Tenda AC23 version of 16.03.07.52 A vulnerability was discovered in . An exploit has been made public and may be used.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-3903 | CVE-2025-69764 | Shenzhen Tenda Technology Co.,Ltd. of AX3 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-2387 | CVE-2026-1329 | Shenzhen Tenda Technology Co.,Ltd. of ax1803 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used. Tenda AX1803 version 1.0.0.1 A vulnerability was discovered in . This attack is remotely executable and a publicly available exploit is available for malicious use.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-2425 | CVE-2026-1328 | TOTOLINK of nr1800x Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. Impacted is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. This exploit is now publicly available and can be exploited in the wild.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-2316 | CVE-2026-1327 | TOTOLINK of nr1800x Multiple vulnerabilities in firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Low |
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Exploits are publicly available and can be used in the wild.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-2406 | CVE-2026-1326 | TOTOLINK of nr1800x Multiple vulnerabilities in firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Low |
A weakness has been identified in Totolink NR1800X 9.1.0u.6279_B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. Exploits are publicly available and may be used in attacks.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely
| VAR-202601-3105 | CVE-2025-69766 | Shenzhen Tenda Technology Co.,Ltd. of AX3 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-4073 | CVE-2025-69763 | Shenzhen Tenda Technology Co.,Ltd. of AX3 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-3750 | CVE-2025-69762 | Shenzhen Tenda Technology Co.,Ltd. of AX3 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-2437 | CVE-2021-47802 | Shenzhen Tenda Technology Co.,Ltd. of D151 Vulnerabilities related to the lack of authentication for important functions in multiple products, including |
CVSS V2: - CVSS V3: 7.5 Severity: High |
Tenda D151 and D301 routers contain an unauthenticated configuration download vulnerability that allows remote attackers to retrieve router configuration files. Attackers can send a request to /goform/getimage endpoint to download configuration data including admin credentials without authentication. In addition, information handled by the software will not be rewritten. Furthermore, the software will not stop. Furthermore, attacks exploiting this vulnerability will not affect other software
| VAR-202601-4101 | CVE-2025-70648 | Shenzhen Tenda Technology Co.,Ltd. of ax1803 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_727F4 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. DoS ) attacks.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-3745 | CVE-2025-70646 | Shenzhen Tenda Technology Co.,Ltd. of ax1803 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_72290 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. DoS ) can be caused.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-3252 | CVE-2025-70651 | Shenzhen Tenda Technology Co.,Ltd. of ax1803 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. DoS ) attacks.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-2641 | CVE-2025-36397 | IBM of IBM Application Gateway Cross-site scripting vulnerability in |
CVSS V2: - CVSS V3: 5.4 Severity: MEDIUM |
IBM Application Gateway 23.10 through 25.09 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. Web It may be executed in the browser.Some of the information handled by the software may be leaked to the outside. Also, some of the information handled by the software may be rewritten. Furthermore, the software will not stop. Furthermore, attacks exploiting this vulnerability may affect other software
| VAR-202601-3446 | CVE-2025-36396 | IBM of IBM Application Gateway Cross-site scripting vulnerability in |
CVSS V2: - CVSS V3: 5.4 Severity: MEDIUM |
IBM Application Gateway 23.10 through 25.09 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Also, some of the information handled by the software may be rewritten. Furthermore, the software will not stop. Furthermore, attacks exploiting this vulnerability may affect other software
| VAR-202601-2333 | CVE-2026-0975 | Delta Electronics, INC. of DIAView Command injection vulnerability in |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Delta Electronics DIAView has Command Injection vulnerability. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAView. User interaction is required to exploit this vulnerability in that the target must open and run a malicious project.The specific flaw exists within the DIAView script component. The issue results from the lack of restrictions on script in DIAView projects. An attacker can leverage this vulnerability to execute code in the context of the current process
| VAR-202601-2403 | CVE-2025-62582 | Delta Electronics, INC. of DIAView Vulnerability regarding lack of authentication for critical features in |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Delta Electronics DIAView has multiple vulnerabilities. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202601-2377 | CVE-2025-62581 | Delta Electronics, INC. of DIAView Vulnerability related to the use of hard-coded encryption keys in |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Delta Electronics DIAView has multiple vulnerabilities. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software