VARIoT IoT vulnerabilities database
| VAR-202510-2216 | CVE-2025-12210 | Tenda O3 formAdvSetLanip function buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was identified in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The Tenda O3 is an outdoor wireless bridge from Tenda, a Chinese company. This vulnerability stems from the fact that the `lanIp` parameter in the `SetValue`/`GetValue` function of the file `/goform/AdvSetLanip` fails to properly validate the length of the input data. Attackers could exploit this vulnerability to execute arbitrary code on the system or cause a denial-of-service attack
| VAR-202510-2084 | CVE-2025-12209 | Tenda O3 form/setDhcpConfig function buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was determined in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetValue of the file /goform/setDhcpConfig. Executing a manipulation of the argument dhcpEn can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The Tenda O3 is an outdoor wireless bridge from Tenda, a Chinese company. This vulnerability stems from the fact that the `dhcpEn` parameter in the `SetValue/GetValue` function of the file `/goform/setDhcpConfig` fails to properly validate the length of the input data. Attackers could exploit this vulnerability to execute arbitrary code on the system or cause a denial-of-service attack
| VAR-202510-4376 | CVE-2025-12285 | An unidentified vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29093). |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Missing Initial Password Change.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
A security vulnerability exists in both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, stemming from a lack of initial password change functionality. Detailed vulnerability information is not currently available
| VAR-202510-2967 | CVE-2025-12284 | Cross-site scripting vulnerabilities in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 |
CVSS V2: 6.4 CVSS V3: 6.1 Severity: MEDIUM |
Lack of Input Validation in the web UI might lead to potential exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
Both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 contain a cross-site scripting (XSS) vulnerability caused by improper validation of user-supplied input. Detailed vulnerability information is not currently available
| VAR-202510-3391 | CVE-2025-12278 | An unidentified vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29094). |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
Logout Functionality not Working.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
A security vulnerability exists in both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, stemming from a malfunction in the logout function. Detailed vulnerability information is not currently available
| VAR-202510-2968 | CVE-2025-12275 | Command execution vulnerabilities in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Mail Configuration File Manipulation + Command Execution.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
A command execution vulnerability exists in both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, caused by improper input validation. An attacker could exploit this vulnerability to execute arbitrary commands and manipulate email configurations
| VAR-202510-4373 | CVE-2025-12221 | Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Cross-Site Request Forgery Vulnerabilities (CNVD-2025-29095) |
CVSS V2: 10.0 CVSS V3: 8.8 Severity: HIGH |
Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
Both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 contain a cross-site request forgery (XPS) vulnerability caused by improper validation of user-provided input. An attacker could exploit this vulnerability to perform unauthorized actions by sending malformed HTTP requests
| VAR-202510-2969 | CVE-2025-12220 | An unidentified vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29091). |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
A security vulnerability exists in both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, stemming from their reliance on the vulnerable third-party component Busybox. Detailed vulnerability information is not currently available
| VAR-202510-2544 | CVE-2025-12218 | An undiscovered vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29090). |
CVSS V2: 9.4 CVSS V3: 9.1 Severity: CRITICAL |
Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
A security vulnerability exists in both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, stemming from the use of weak default credentials. Detailed vulnerability information is not currently available
| VAR-202510-3185 | CVE-2025-12217 | An unidentified vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29092). |
CVSS V2: 9.4 CVSS V3: 9.1 Severity: CRITICAL |
SNMP Default Community String (public).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
Both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 contain a security vulnerability stemming from the use of a default SNMP community string. An attacker could exploit this vulnerability to gain unauthorized access
| VAR-202510-2770 | CVE-2025-12216 | Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Denial-of-Service Vulnerabilities (CNVD-2025-29089) |
CVSS V2: 4.9 CVSS V3: 5.5 Severity: MEDIUM |
Malicious / Malformed App can be Installed but not Uninstalled/may lead to unavailability.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
Both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 contain a denial-of-service vulnerability. This vulnerability stems from the fact that malicious or malformed applications can be installed but not uninstalled, allowing attackers to exploit this vulnerability to render the service unavailable
| VAR-202510-2089 | CVE-2025-60566 | D-Link DIR600L formSetMACFilter function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetMACFilter. The D-Link DIR600L is a wireless router designed for home users, belonging to D-Link's "Cloud Router" series. It features an external antenna design, supports the 802.11n standard, and has a maximum wireless transmission rate of 150Mbps.
The D-Link DIR600L contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `curTime` parameter in the `formSetMACFilter` function fails to properly validate the length of the input data. Attackers can exploit this vulnerability to cause a denial-of-service attack
| VAR-202510-2283 | CVE-2025-60565 | D-Link DIR600L formSchedule function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSchedule. The D-Link DIR600L is a wireless router designed for home users, belonging to D-Link's "Cloud Router" series. It features an external antenna design, supports the 802.11n standard, and has a maximum wireless transmission rate of 150Mbps.
The D-Link DIR600L contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `curTime` parameter in the `formSchedule` function fails to properly validate the length of the input data. Attackers can exploit this vulnerability to cause a denial-of-service attack
| VAR-202510-2147 | CVE-2025-60564 | D-Link DIR600L formSetLog function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetLog. The D-Link DIR600L is a wireless router designed for home users, belonging to D-Link's "Cloud Router" series. It features an external antenna design, supports the 802.11n standard, and has a maximum wireless transmission rate of 150Mbps.
The D-Link DIR600L contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `curTime` parameter in the `formSetLog` function fails to properly validate the length of the input data. Attackers can exploit this vulnerability to cause a denial-of-service attack
| VAR-202510-2356 | CVE-2025-60563 | D-Link DIR600L formSetPortTr function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetPortTr. The D-Link DIR600L is a wireless router designed for home users, belonging to D-Link's "Cloud Router" series. It features an external antenna design, supports the 802.11n standard, and has a maximum wireless transmission rate of 150Mbps.
The D-Link DIR600L contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `curTime` parameter in the `formSetPortTr` function fails to properly validate the length of the input data. Attackers can exploit this vulnerability to cause a denial-of-service attack
| VAR-202510-2087 | CVE-2025-60562 | D-Link DIR600L formWlSiteSurvey function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formWlSiteSurvey. The D-Link DIR600L is a wireless router designed for home users, belonging to D-Link's "Cloud Router" series. It features an external antenna design, supports the 802.11n standard, and has a maximum wireless transmission rate of 150Mbps.
The D-Link DIR600L contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `curTime` parameter in the `formWlSiteSurvey` function fails to properly validate the length of the input data. Attackers can exploit this vulnerability to cause a denial-of-service attack
| VAR-202510-2252 | CVE-2025-60561 | D-Link DIR600L formSetEmail function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEmail. The D-Link DIR600L is a wireless router designed for home users, belonging to D-Link's "Cloud Router" series. It features an external antenna design, supports the 802.11n standard, and has a maximum wireless transmission rate of 150Mbps.
The D-Link DIR600L contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `curTime` parameter in the `formSetEmail` function fails to properly validate the length of the input data. Attackers can exploit this vulnerability to cause a denial-of-service attack
| VAR-202510-2148 | CVE-2025-60559 | D-Link DIR600L formSetDomainFilter function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetDomainFilter. The D-Link DIR600L is a wireless router designed for home users, belonging to D-Link's "Cloud Router" series. It features an external antenna design, supports the 802.11n standard, and has a maximum wireless transmission rate of 150Mbps.
The D-Link DIR600L contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `curTime` parameter in the `formSetDomainFilter` function fails to properly validate the length of the input data. Attackers can exploit this vulnerability to cause a denial-of-service attack
| VAR-202510-2354 | CVE-2025-60558 | D-Link DIR600L formVirtualServ function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formVirtualServ. The D-Link DIR600L is a wireless router designed for home users, belonging to D-Link's "Cloud Router" series. It features an external antenna design, supports the 802.11n standard, and has a maximum wireless transmission rate of 150Mbps.
The D-Link DIR600L contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `curTime` parameter in the `formVirtualServ` function fails to properly validate the length of the input data. Attackers can exploit this vulnerability to cause a denial-of-service attack
| VAR-202510-2090 | CVE-2025-60557 | D-Link DIR600L formSetEasy_Wizard function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEasy_Wizard. The D-Link DIR600L is a wireless router designed for home users, belonging to D-Link's "Cloud Router" series. It features an external antenna design, supports the 802.11n standard, and has a maximum wireless transmission rate of 150Mbps.
The D-Link DIR600L contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `curTime` parameter in the `formSetEasy_Wizard` function fails to properly validate the length of the input data. Attackers can exploit this vulnerability to cause a denial-of-service attack