VARIoT IoT vulnerabilities database
| VAR-202510-0056 | CVE-2025-11388 | Tenda AC15 newVersion parameter stack buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts an unknown function of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used. The Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments. This vulnerability stems from the failure of the parameter "newVersion" in the file "/goform/setNotUpgrade" to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202510-0110 | CVE-2025-11387 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fast_setting_pppoe_set. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Shenzhen Tenda Technology Co.,Ltd. of AC15 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability could allow an attacker to execute arbitrary code or cause a denial of service
| VAR-202510-0057 | CVE-2025-11386 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used. of AC15 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments. This vulnerability stems from the failure of the parameter ddnsEn in the file /goform/SetDDNSCfg to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202510-0095 | CVE-2025-11385 | Shenzhen Tenda Technology Co.,Ltd. of AC20 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. of AC20 The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Detailed vulnerability details are currently unavailable
| VAR-202510-0111 | CVE-2025-11356 | Shenzhen Tenda Technology Co.,Ltd. of ac23 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. of ac23 The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. It offers dual-band concurrent transmission rates up to 2033 Mbps, with the 5 GHz band reaching up to 1733 Mbps. It is suitable for high-bandwidth applications such as 4K video and online live streaming. This vulnerability stems from the failure of the sscanf function in the file /goform/SetStaticRouteCfg to properly validate the length of the input data in the parameter list. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202510-0075 | CVE-2025-11339 | D-Link Corporation of DI-7100G C1 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Corporation of DI-7100G C1 The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DI-7100G C1 is an enterprise-class router designed primarily for small and medium-sized businesses. This vulnerability stems from the failure of the popupId parameter in the /webchat/hi_block.asp file to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service
| VAR-202510-0030 | CVE-2025-11338 | D-Link DI-7100G C1 openid parameter buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. The D-Link DI-7100G C1 is an enterprise-class router designed primarily for small and medium-sized businesses.
The D-Link DI-7100G C1 suffers from a buffer overflow vulnerability. This vulnerability stems from a failure to properly validate the length of input data in the openid parameter in the /webchat/login.cgi file. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service
| VAR-202510-0098 | CVE-2025-11335 | D-Link Corporation of DI-7100G C1 Injection Vulnerability in Firmware |
CVSS V2: 5.8 CVSS V3: 4.7 Severity: Low |
A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub_46409C of the file /msp_info.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. D-Link Corporation of DI-7100G C1 The firmware contains injection and command injection vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DI-7100G C1 is an enterprise-class router designed primarily for small and medium-sized businesses.
The D-Link DI-7100G C1 suffers from a command injection vulnerability caused by the iface parameter in the file /msp_info.htm?flag=qos failing to properly sanitize special characters and commands when constructing commands. Detailed vulnerability details are currently unavailable
| VAR-202510-0114 | CVE-2025-11328 | Tenda AC18 ddnsEn parameter stack buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was detected in Tenda AC18 15.03.05.19(6318). This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. The Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd. in July 2016, primarily for villa and large-sized home users. This vulnerability stems from the failure of the ddnsEn parameter in the /goform/SetDDNSCfg file to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202510-0170 | CVE-2025-11327 | Tenda AC18 upnpEn parameter stack buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A security vulnerability has been detected in Tenda AC18 15.03.05.19(6318). This vulnerability affects unknown code of the file /goform/SetUpnpCfg. The manipulation of the argument upnpEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd. in July 2016, primarily for villa and large-sized home users. This vulnerability stems from the failure of the upnpEn parameter in the /goform/SetUpnpCfg file to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202510-0099 | CVE-2025-11326 | Shenzhen Tenda Technology Co.,Ltd. of AC18 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A weakness has been identified in Tenda AC18 15.03.05.19(6318). This affects an unknown part of the file /goform/WifiMacFilterSet. Executing a manipulation of the argument wifi_chkHz can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. Shenzhen Tenda Technology Co.,Ltd. of AC18 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in July 2016, primarily for villa and large-sized home users.
The Tenda AC18 suffers from a stack buffer overflow vulnerability. This vulnerability stems from the failure of the wifi_chkHz parameter in the file /goform/WifiMacFilterSet to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202510-0048 | CVE-2025-11325 | Tenda AC18 Username parameter stack buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A security flaw has been discovered in Tenda AC18 15.03.05.19(6318). Affected by this issue is some unknown functionality of the file /goform/fast_setting_pppoe_set. Performing a manipulation of the argument Username results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd. in July 2016, primarily for villa and large-sized home users.
The Tenda AC18 suffers from a stack buffer overflow vulnerability. This vulnerability stems from a failure to properly validate the length of the input data in the parameter Username in the file /goform/fast_setting_pppoe_set. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202510-0025 | CVE-2025-11324 | Shenzhen Tenda Technology Co.,Ltd. of AC18 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was identified in Tenda AC18 15.03.05.19(6318). Affected by this vulnerability is an unknown functionality of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. Shenzhen Tenda Technology Co.,Ltd. of AC18 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in July 2016, primarily for villa and large-sized home users. This vulnerability stems from the failure of the parameter newVersion in the file /goform/setNotUpgrade to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202510-0526 | No CVE | HP Development Company, L.P. HP 2530-48G Switch (J9775A) has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The HP 2530-48G Switch (J9775A) is a 48-port Gigabit Layer 3 switch that supports PoE+, ACLs, and IPv6, providing highly reliable networks for enterprise access layers.
HP Development Company, L.P. The HP 2530-48G Switch (J9775A) has an unauthorized access vulnerability that could allow an attacker to obtain sensitive information.
| VAR-202510-0527 | No CVE | Netis Systems Co., Ltd. Netis E3 has a command execution vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
The Netis E3 is a Gigabit dual-band wireless router that supports MU-MIMO and Beamforming, providing high-speed Wi-Fi coverage for homes and small, medium-sized offices (SOHOs).
The Netis E3, manufactured by Netis Systems Co., Ltd., contains a command execution vulnerability that could allow an attacker to gain server privileges.
| VAR-202510-2816 | No CVE | Beijing Star-Net Ruijie Networks Technology Co., Ltd.'s RG-MA3063 has a logical flaw vulnerability. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The RG-MA3063 is a home router.
The RG-MA3063 router, manufactured by Beijing Star-Net Ruijie Networks Technology Co., Ltd., contains a logical flaw vulnerability that attackers could exploit to obtain sensitive information.
| VAR-202510-3540 | No CVE | Brother (China) Commercial Co., Ltd.'s DCP-T730DW has an unauthorized access vulnerability. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The Brother (China) Commercial Co., Ltd. DCP-T730DW is a color inkjet multifunction printer that integrates printing, copying, and scanning functions.
The Brother (China) Commercial Co., Ltd. DCP-T730DW contains an unauthorized access vulnerability that could be exploited by attackers to obtain sensitive information.
| VAR-202510-3024 | No CVE | A command execution vulnerability exists in the DCME-720 processor developed by Beijing Digital China Cloud Technology Co., Ltd. |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
The DCME-720 is a next-generation high-performance internet egress gateway.
The DCME-720 developed by Beijing Digital China Cloud Technology Co., Ltd. contains a command execution vulnerability, which attackers could exploit to execute arbitrary commands.
| VAR-202510-4302 | No CVE | Canon (China) Co., Ltd.'s Canon MF745C/746C has a weak password vulnerability. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The Canon MF745C/746C is a color laser multifunction printer that supports printing, copying, scanning, and faxing.
Canon (China) Co., Ltd.'s Canon MF745C/746C printers contain a weak password vulnerability that attackers could exploit to obtain sensitive information.
| VAR-202510-3243 | No CVE | Brother (China) Commercial Co., Ltd.'s MFC-T930DW has an unauthorized access vulnerability. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The MFC-T930DW is a color inkjet multifunction printer.
Brother (China) Commercial Co., Ltd.'s MFC-T930DW printer contains an unauthorized access vulnerability that could be exploited by attackers to obtain sensitive information.