VARIoT IoT vulnerabilities database
| VAR-202510-2546 | CVE-2025-12104 | An unidentified vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29085). |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
A security vulnerability exists in both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4. Detailed vulnerability information is not currently available
| VAR-202510-2278 | CVE-2025-60343 | Tenda AC6 AdvSetMacMtuWan function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Multiple buffer overflows in the AdvSetMacMtuWan function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the wanMTU, wanSpeed, cloneType, mac, serviceName, serverName, wanMTU2, wanSpeed2, cloneType2, mac2, serviceName2, and serverName2 parameters. The Tenda AC6 is a wireless router manufactured by Tenda, a Chinese company.
Version 15.03.06.50 of the Tenda AC6 contains a buffer overflow vulnerability. This vulnerability stems from the AdvSetMacMtuWan function failing to properly validate the length of input data. Attackers could exploit this vulnerability to execute arbitrary code or cause a denial-of-service attack
| VAR-202510-2248 | CVE-2025-60342 | Tenda AC6 addressNat function stack buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the addressNat function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. The Tenda AC6 is a dual-band wireless router from Tenda, designed specifically for home users with 100Mbps fiber optic connections. This vulnerability stems from the page parameter in the addressNat function failing to properly validate the length of the input data
| VAR-202510-2215 | CVE-2025-60341 | Tenda AC6 fast_setting_wifi_set function stack buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. The Tenda AC6 is a dual-band wireless router from Tenda, designed specifically for home users with 100Mbps fiber optic connections. This vulnerability stems from the fact that the SSID parameter in the `fast_setting_wifi_set` function fails to properly validate the length of the input data
| VAR-202510-2250 | CVE-2025-60340 | Tenda AC6 SetClientState function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp parameters. The Tenda AC6 is a wireless router manufactured by Tenda, a Chinese company.
Version 15.03.06.50 of the Tenda AC6 contains a buffer overflow vulnerability. This vulnerability stems from the SetClientState function's failure to properly validate the length of input data. Attackers could exploit this vulnerability to execute arbitrary code or cause a denial-of-service attack
| VAR-202510-2335 | CVE-2025-60339 | Tenda AC6 openSchedWifi function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedStartTime and schedEndTime parameters. The Tenda AC6 is a wireless router manufactured by Tenda, a Chinese company.
Version 15.03.06.50 of the Tenda AC6 contains a buffer overflow vulnerability. This vulnerability stems from the openSchedWifi function failing to properly validate the length of the input data. Attackers could exploit this vulnerability to execute arbitrary code or cause a denial-of-service attack
| VAR-202510-2086 | CVE-2025-60337 | Tenda AC6 SetSpeedWan function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. The Tenda AC6 is a wireless router manufactured by Tenda, a Chinese company. This vulnerability stems from the fact that the `speed_dir` parameter in the `SetSpeedWan` function fails to properly validate the length of the input data
| VAR-202510-2385 | CVE-2025-60336 | TOTOLINK N600R sub_41773C function null pointer dereference vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A NULL pointer dereference in the sub_41773C function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. The TOTOLINK N600R is a dual-band wireless router launched by the South Korean brand TOTOLINK in 2013. It supports concurrent operation on both 2.4GHz and 5GHz bands, with a maximum wireless transmission rate of 300Mbps.
The TOTOLINK N600R contains a null pointer dereference vulnerability
| VAR-202510-2145 | CVE-2025-60338 | Tenda AC6 DhcpListClient function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the DhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. The Tenda AC6 is a wireless router manufactured by Tenda, a Chinese company.
Version 15.03.06.50 of the Tenda AC6 contains a buffer overflow vulnerability. This vulnerability stems from the fact that the `page` parameter in the `DhcpListClient` function fails to properly validate the length of the input data
| VAR-202510-2249 | CVE-2025-60335 | TOTOLINK N600R main function null pointer dereference vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A NULL pointer dereference in the main function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. The TOTOLINK N600R is a dual-band wireless router launched by the South Korean brand TOTOLINK in 2013. It supports concurrent operation on both 2.4GHz and 5GHz bands, with a maximum wireless transmission rate of 300Mbps.
The TOTOLINK N600R contains a null pointer dereference vulnerability
| VAR-202510-2083 | CVE-2025-60334 | TOTOLINK N600R setWiFiBaicConfig function stack buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the ssid parameter in the setWiFiBasicConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. The TOTOLINK N600R is a dual-band wireless router launched by the South Korean brand TOTOLINK in 2013. It supports concurrent operation on both 2.4GHz and 5GHz bands, with a maximum wireless transmission rate of 300Mbps.
The TOTOLINK N600R contains a stack buffer overflow vulnerability. This vulnerability stems from the fact that the SSID parameter in the `setWiFiBasicConfig` function fails to properly validate the length of the input data
| VAR-202510-2188 | CVE-2025-60333 | TOTOLINK N600R setWiFiMultipleConfig function stack buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the wepkey2 parameter in the setWiFiMultipleConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. The TOTOLINK N600R is a dual-band wireless router launched by the South Korean brand TOTOLINK in 2013. It supports concurrent operation on both 2.4GHz and 5GHz bands, with a maximum wireless transmission rate of 300Mbps. This vulnerability stems from the fact that the wepkey2 parameter in the setWiFiMultipleConfig function fails to properly validate the length of the input data
| VAR-202510-2696 | CVE-2025-60332 | D-Link DIR-823G Denial-of-Service Vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A NULL pointer dereference in the SetWLanRadioSettings function of D-Link DIR-823G A1 v1.0.2B05 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. The D-Link DIR-823G is a wireless router manufactured by D-Link, a Chinese company. Attackers could exploit this vulnerability to cause a DoS attack
| VAR-202510-2360 | CVE-2025-60331 | D-Link DIR-823G buffer overflow vulnerability (CNVD-2025-26157) |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCU_SHELL endpoint. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. The D-Link DIR-823G is a wireless router manufactured by D-Link, a Chinese company.
The D-Link DIR-823G contains a buffer overflow vulnerability. This vulnerability stems from the FillMacCloneMac parameter failing to properly validate the length of the input data
| VAR-202510-4402 | No CVE | The TLS-4XX series equipment manufactured by the Beijing branch of Videlut Gas Station Equipment (Shanghai) Co., Ltd. has a weak password vulnerability. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The TLS-4XX series is a high-precision liquid level monitoring device designed by Videlout Gas Station Equipment specifically for gas stations. It supports multi-tank management, real-time data transmission, and environmental compliance monitoring.
The TLS-4XX series manufactured by Videlout Gas Station Equipment (Shanghai) Co., Ltd., Beijing Branch, contains a weak password vulnerability. Attackers could exploit this vulnerability to obtain sensitive information.
| VAR-202510-2152 | CVE-2025-52079 | D-Link DIR-820L Access Control Error Vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp. The D-Link DIR-820L is a wireless router manufactured by D-Link.
The D-Link DIR-820L version 1.06B02 contains an improper access control vulnerability. This vulnerability stems from the administrator password setting function failing to properly validate the authentication mechanism
| VAR-202510-3188 | CVE-2025-12031 | An unidentified vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29154). |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both network access controllers from Azure Access Technology, Inc., a US-based company.
A security vulnerability exists in both Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4
| VAR-202510-4380 | No CVE | Xindu (Qingdao) Office Systems Co., Ltd.'s CM2070 has a weak password vulnerability. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Xindu (Qingdao) Office Systems Co., Ltd. is a professional office equipment enterprise integrating research and development, production, sales, and after-sales service.
The Xindu (Qingdao) Office Systems Co., Ltd. CM2070 has a weak password vulnerability, which attackers can exploit to obtain sensitive information.
| VAR-202510-4381 | No CVE | Mosa Technology (Shanghai) Co., Ltd.'s Nport 5210 has an unauthorized access vulnerability. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The NPort 5210 is an industrial-grade serial communication server integrating a 16-bit processor and DRAM memory.
A vulnerability exists in the Nport 5210 from Mosa Technology (Shanghai) Co., Ltd., allowing attackers to obtain sensitive information.
| VAR-202510-4408 | No CVE | Sindoh M640 from Xindu (Qingdao) Office Systems Co., Ltd. has a weak password vulnerability. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Xindu (Qingdao) Office Systems Co., Ltd. is a professional office equipment enterprise integrating research and development, production, sales, and after-sales service.
The Xindu (Qingdao) Office Systems Co., Ltd.'s Sindoh M640 has a weak password vulnerability, which attackers can exploit to obtain sensitive information.