VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202508-2393 CVE-2025-9605 Shenzhen Tenda Technology Co.,Ltd.  of  ac21  firmware and  ac23  Buffer error vulnerability in firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: High
A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Shenzhen Tenda Technology Co.,Ltd. of ac21 firmware and ac23 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202508-2619 CVE-2025-9603 Telesquare  of  TLR-2005KSH  Command injection vulnerability in firmware CVSS V2: 6.5
CVSS V3: 6.3
Severity: Low
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Telesquare of TLR-2005KSH Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202508-2557 CVE-2025-57220 Shenzhen Tenda Technology Co.,Ltd.  of  AC10  Firmware Input Validation Vulnerability CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 to escalate privileges to root via a crafted UDP packet. Shenzhen Tenda Technology Co.,Ltd. of AC10 There is an input validation vulnerability in firmware.Information may be obtained. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily for users with fiber optic connections of 200Mbps and above. Detailed vulnerability details are currently unavailable
VAR-202508-2517 CVE-2025-57219 Shenzhen Tenda Technology Co.,Ltd.  of  AC10  Access control vulnerabilities in firmware CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate privileges or access sensitive components via a crafted request. Shenzhen Tenda Technology Co.,Ltd. of AC10 Firmware contains an access control vulnerability.Information may be obtained. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily for users with fiber optic connections of 200Mbps and above
VAR-202508-2507 CVE-2025-57215 Shenzhen Tenda Technology Co.,Ltd.  of  AC10  Stack-based buffer overflow vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info. Shenzhen Tenda Technology Co.,Ltd. of AC10 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily targeting fiber optic users with speeds of 200 Mbps and above. The Tenda AC10 suffers from a stack buffer overflow vulnerability caused by the get_parentControl_list_Info function's failure to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service
VAR-202508-2380 CVE-2025-9575 Linksys  of  RE6250  Command injection vulnerabilities in firmware and other products from multiple vendors CVSS V2: 6.5
CVSS V3: 6.3
Severity: Low
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Linksys of RE6250 Firmware and other products from multiple vendors have command injection vulnerabilities, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202508-2571 CVE-2025-57218 Shenzhen Tenda Technology Co.,Ltd.  of  AC10  Stack-based buffer overflow vulnerability in firmware CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C. Shenzhen Tenda Technology Co.,Ltd. of AC10 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily targeting users with fiber optic connections of 200Mbps and above. This vulnerability stems from the failure of the security_5g parameter in the sub_46284C function to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service
VAR-202508-2552 CVE-2025-57217 Shenzhen Tenda Technology Co.,Ltd.  of  AC10  Stack-based buffer overflow vulnerability in firmware CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler. Shenzhen Tenda Technology Co.,Ltd. of AC10 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily for fiber optic users with speeds of 200 Mbps and above. This vulnerability stems from the failure of the Password parameter in the R7WebsSecurityHandler function to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service
VAR-202508-2714 CVE-2025-52054 Shenzhen Tenda Technology Co.,Ltd.  of  AC8  Authentication vulnerability in firmware CVSS V2: -
CVSS V3: 5.3
Severity: MEDIUM
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate with network services on the device. Shenzhen Tenda Technology Co.,Ltd. of AC8 An authentication vulnerability exists in firmware.Information may be obtained
VAR-202508-2566 CVE-2025-55582 D-Link Corporation  of  DCS-825L  Privilege management vulnerability in firmware CVSS V2: -
CVSS V3: 6.6
Severity: MEDIUM
D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch-dog.sh`, which blindly respawns binaries such as `dcp` and `signalc` without verifying integrity, authenticity, or permissions. An attacker with local filesystem access (via physical access, firmware modification, or debug interfaces) can replace these binaries with malicious payloads. The script executes these binaries as root in an infinite loop, leading to persistent privilege escalation and arbitrary code execution. This issue is mitigated in v1.09.02, but the product is officially End-of-Life and unsupported. D-Link Corporation of DCS-825L The firmware contains vulnerabilities related to permission management and insufficient integrity verification of downloaded code.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202508-2607 CVE-2025-55495 Shenzhen Tenda Technology Co.,Ltd.  of  AC6  Classic buffer overflow vulnerability in firmware CVSS V2: 6.4
CVSS V3: 6.5
Severity: MEDIUM
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. Shenzhen Tenda Technology Co.,Ltd. of AC6 Firmware has a classic buffer overflow vulnerability.Information may be obtained and information may be tampered with. It supports both IPv4 and IPv6 protocols, utilizes the 802.11ac/n wireless standard, and offers a wireless transmission rate of 1167 Mbps. Detailed vulnerability details are currently unavailable
VAR-202508-2330 CVE-2025-9483 Belkin International, Inc.  of  re6500  Buffer error vulnerabilities in firmware and other products from multiple vendors CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Belkin International, Inc. of re6500 Firmware and other products from multiple vendors contain buffer error vulnerabilities and stack-based buffer overflow vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202508-2352 CVE-2025-9482 Linksys  of  RE6250  Buffer error vulnerabilities in firmware and other products from multiple vendors CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function portRangeForwardAdd of the file /goform/portRangeForwardAdd. The manipulation of the argument ruleName/schedule/inboundFilter/TCPPorts/UDPPorts results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Linksys of RE6250 Firmware and other products from multiple vendors contain buffer error vulnerabilities and stack-based buffer overflow vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202508-2270 CVE-2025-9481 Linksys  of  RE6250  Buffer error vulnerabilities in firmware and other products from multiple vendors CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function setIpv6 of the file /goform/setIpv6. The manipulation of the argument tunrd_Prefix leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Linksys of RE6250 Firmware and other products from multiple vendors contain buffer error vulnerabilities and stack-based buffer overflow vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202508-2470 CVE-2025-53419 Delta Electronics ISPSoft ISP File Parsing Improper Control of Dynamically-Managed Code Remote Code Execution Vulnerability CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Delta Electronics COMMGR has Code Injection vulnerability. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of ISP files. The issue results from insufficient restriction of dynamically-managed code. An attacker can leverage this vulnerability to execute code in the context of the current process
VAR-202508-2273 CVE-2025-9443 Shenzhen Tenda Technology Co.,Ltd.  of  ch22  Buffer error vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument new_account can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. Shenzhen Tenda Technology Co.,Ltd. of ch22 The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202508-2397 CVE-2025-29523 D-Link DSL-7740C ping6 function command injection vulnerability CVSS V2: 8.3
CVSS V3: 7.2
Severity: HIGH
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function. The D-Link DSL-7740C is a modem manufactured by D-Link, a Chinese company. This vulnerability stems from the ping6 function's failure to properly sanitize special characters and commands during command construction. An attacker could exploit this vulnerability to execute arbitrary commands
VAR-202508-2361 CVE-2025-29522 D-Link Corporation  of  DSL-7740C  Command injection vulnerability in firmware CVSS V2: 6.4
CVSS V3: 6.5
Severity: MEDIUM
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping function. The D-Link DSL-7740C is a modem manufactured by D-Link, a Chinese company. This vulnerability stems from the ping function's failure to properly sanitize special characters and commands during command construction. An attacker could exploit this vulnerability to execute arbitrary commands
VAR-202508-2563 CVE-2025-29521 D-Link Corporation  of  DSL-7740C  Firmware default credential usage vulnerability CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack. D-Link Corporation of DSL-7740C The firmware contains a vulnerability related to the use of default credentials.Information may be obtained. The D-Link DSL-7740C is a modem manufactured by D-Link, a Chinese company
VAR-202508-2450 CVE-2025-29520 D-Link Corporation  of  DSL-7740C  Access control vulnerabilities in firmware CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
Incorrect access control in the Maintenance module of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows authenticated attackers with low-level privileges to arbitrarily change the high-privileged account passwords and escalate privileges. D-Link Corporation of DSL-7740C Firmware contains an access control vulnerability.Information may be obtained. The D-Link DSL-7740C is a modem manufactured by D-Link, a Chinese company