VARIoT IoT vulnerabilities database
| VAR-202509-3786 | CVE-2025-11096 | D-Link Corporation of DIR-823X Injection Vulnerability in Firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Low |
A flaw has been found in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/diag_traceroute. Executing manipulation of the argument target_addr can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used. D-Link Corporation of DIR-823X The firmware contains injection and command injection vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-823X is a wireless router from D-Link, a Chinese company. This vulnerability could allow an attacker to remotely inject commands
| VAR-202509-3806 | CVE-2025-11095 | D-Link Corporation of DIR-823X Injection Vulnerability in Firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Low |
A vulnerability was detected in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/delete_offline_device. Performing manipulation of the argument delvalue results in command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. D-Link Corporation of DIR-823X The firmware contains injection and command injection vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-823X is a wireless router from D-Link, a Chinese company
| VAR-202509-3831 | CVE-2025-11092 | D-Link Corporation of DIR-823X Injection Vulnerability in Firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Low |
A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub_412E7C of the file /goform/set_switch_settings. This manipulation of the argument port causes command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. D-Link Corporation of DIR-823X The firmware contains injection and command injection vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-823X is a wireless router manufactured by D-Link, a Chinese company
| VAR-202509-3845 | CVE-2025-11091 | Shenzhen Tenda Technology Co.,Ltd. of ac21 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be exploited. Shenzhen Tenda Technology Co.,Ltd. of ac21 The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202509-3918 | CVE-2025-55848 | D-Link Corporation of DIR-823X Command injection vulnerability in firmware |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered in DIR-823 firmware 20250416. There is an RCE vulnerability in the set_cassword settings interface, as the http_casswd parameter is not filtered by '&'to allow injection of reverse connection commands. D-Link Corporation of DIR-823X Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-823X is a wireless router from D-Link, a Chinese company. An attacker could exploit this vulnerability to cause code execution
| VAR-202509-3799 | CVE-2025-11005 | TOTOLINK of x6000r in the firmware OS Command injection vulnerability |
CVSS V2: 9.7 CVSS V3: 9.8 Severity: CRITICAL |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1458_B20250708. TOTOLINK of x6000r The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK X6000R is a wireless router from TOTOLINK.
TOTOLINK X6000R V9.4.0cu.1458_B20250708 and earlier versions contain an operating system command injection vulnerability. This vulnerability stems from a failure to properly sanitize special elements in user input. An attacker could exploit this vulnerability to execute arbitrary operating system commands
| VAR-202509-3862 | CVE-2025-57623 | TOTOLINK of n600r in the firmware NULL Pointer dereference vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
A NULL pointer dereference in TOTOLINK N600R firmware v4.3.0cu.7866_B2022506 allows attackers to cause a Denial of Service. The TOTOLINK N600R is a dual-band wireless router released by the Korean brand TOTOLINK in 2013. It supports concurrent operation on the 2.4GHz and 5GHz bands and offers a maximum wireless transmission rate of 300Mbps
| VAR-202509-4534 | No CVE | MOXA NPort 5230 from MOXA Technology (Shanghai) Co., Ltd. has an unauthorized access vulnerability. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The MOXA NPort 5230 is an industrial-grade serial communication server, belonging to the category of electronic and industrial equipment.
A vulnerability exists in the MOXA NPort 5230 developed by MOXA Technology (Shanghai) Co., Ltd., allowing attackers to obtain sensitive information.
| VAR-202509-3975 | CVE-2025-52907 | TOTOLINK of x6000r Firmware Input Validation Vulnerability |
CVSS V2: 6.6 CVSS V3: 8.8 Severity: HIGH |
Improper Input Validation vulnerability in TOTOLINK X6000R allows Command Injection, File Manipulation.This issue affects X6000R: through V9.4.0cu.1360_B20241207. (DoS) It may be in a state. The TOTOLINK X6000R, a wireless router released by China's TOTOLINK Electronics, supports Wi-Fi 6 technology, offering high concurrent connections and dual-band transmission capabilities
| VAR-202509-3974 | CVE-2025-52906 | TOTOLINK of x6000r in the firmware OS Command injection vulnerability |
CVSS V2: 9.0 CVSS V3: 9.8 Severity: CRITICAL |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1360_B20241207. TOTOLINK of x6000r The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK X6000R, a wireless router released by China's TOTOLINK Electronics, supports Wi-Fi 6 technology, offering high concurrent connections and dual-band transmission capabilities. Detailed vulnerability details are currently unavailable
| VAR-202509-4014 | CVE-2025-20339 | Cisco SD-WAN vEdge access control error vulnerability (CNVD-2025-29472) |
CVSS V2: 5.0 CVSS V3: 5.8 Severity: MEDIUM |
A vulnerability in the access control list (ACL) processing of IPv4 packets of Cisco SD-WAN vEdge Software could allow an unauthenticated, remote attacker to bypass a configured ACL.
This vulnerability is due to the improper enforcement of the implicit deny all at the end of a configured ACL. An attacker could exploit this vulnerability by attempting to send unauthorized traffic to an interface on an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. Cisco SD-WAN vEdge is a router manufactured by Cisco Systems, Inc
| VAR-202509-4136 | CVE-2025-21484 | Buffer over-read vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 8.2 Severity: HIGH |
Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. sm8750 firmware, sm8750p firmware, SM8850 A buffer over-read vulnerability exists in firmware and other parts of multiple Qualcomm products.Information is obtained and service operation is interrupted (DoS) It may be in a state
| VAR-202509-3232 | CVE-2025-58319 | Delta Electronics, INC. of cncsoft-g2 Stack-based buffer overflow vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics, INC. of cncsoft-g2 Exists in a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of DPAX files in the DOPSoft component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer.
Delta Electronics CNCSoft-G2 suffers from a stack buffer overflow vulnerability due to improper memory buffer manipulation restrictions
| VAR-202509-3422 | CVE-2025-58317 | Delta Electronics, INC. of cncsoft-g2 Stack-based buffer overflow vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics, INC. of cncsoft-g2 Exists in a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
Delta Electronics CNCSoft-G2 suffers from a stack buffer overflow vulnerability due to improper memory buffer manipulation restrictions
| VAR-202509-2491 | CVE-2025-57636 | D-Link Corporation of di-7100g in the firmware OS Command injection vulnerability |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
OS Command injection vulnerability in D-Link C1 2020-02-21. The sub_47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time". The D-Link DI-7100G is a router designed for small and medium-sized enterprises that manages internet access. It supports Gigabit network transmission speeds (some models are marked as 100Mbps), features four WAN ports, one LAN port, and a built-in USB 2.0 port. It complies with the IEEE 802.11n/g/b wireless standards and the IEEE 802.3 wired standard. No detailed vulnerability details are currently available
| VAR-202509-1917 | CVE-2025-57638 |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value.
| VAR-202509-2299 | CVE-2025-57637 | D-Link Corporation of di-7100g Heap-based buffer overflow vulnerability in firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Buffer overflow vulnerability in D-Link DI-7100G 2020-02-21 in the sub_451754 function of the jhttpd service in the viav4 parameter allowing attackers to cause a denial of service or execute arbitrary code. D-Link Corporation of di-7100g A heap-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The D-Link DI-7100G is a router designed for small and medium-sized enterprises that manages internet access. It supports Gigabit network transmission speeds (some models are marked as 100Mbps), features four WAN ports, one LAN port, and a built-in USB 2.0 port. It complies with the IEEE 802.11n/g/b wireless standards and the IEEE 802.3 wired standard.
The D-Link DI-7100G suffers from a buffer overflow vulnerability
| VAR-202509-3634 | CVE-2025-57639 | Shenzhen Tenda Technology Co.,Ltd. of AC9 in the firmware OS Command injection vulnerability |
CVSS V2: - CVSS V3: 6.5 Severity: MEDIUM |
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file. Shenzhen Tenda Technology Co.,Ltd
| VAR-202509-3075 | CVE-2025-52905 | TOTOLINK of x6000r Firmware vulnerabilities |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Improper Input Validation vulnerability in TOTOLINK X6000R allows Flooding.This issue affects X6000R: through V9.4.0cu.1360_B20241207. TOTOLINK of x6000r There are unspecified vulnerabilities in the firmware.Service operation interruption (DoS) It may be in a state. The TOTOLINK X6000R is a Wi-Fi 6 wireless router launched by TOTOLINK, a Chinese electronics company, featuring high-concurrency connections and dual-band transmission
| VAR-202509-3117 | CVE-2025-1131 |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
A local privilege escalation vulnerability exists in the safe_asterisk script included with the Asterisk toolkit package. When Asterisk is started via this script (common in SysV init or FreePBX environments), it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating ownership or permissions.
Non-root users with legitimate write access to /etc/asterisk can exploit this behaviour by placing malicious scripts in the startup.d directory, which will then execute with root privileges upon service restart.