VARIoT IoT vulnerabilities database
| VAR-202502-3781 | No CVE | SAMSUNG X6250 has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
SAMSUNG X6250 is an all-in-one computer.
SAMSUNG X6250 has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202502-3792 | No CVE | Beijing Xingwang Ruijie Network Technology Co., Ltd. RG-UAC-6000-E20 has a command execution vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Beijing Xingwang Ruijie Network Technology Co., Ltd. is a provider of ICT infrastructure and industry solutions. Its main business is the research, design and sales of network equipment, network security products and cloud desktop solutions.
Beijing Xingwang Ruijie Network Technology Co., Ltd. RG-UAC-6000-E20 has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
| VAR-202502-3808 | No CVE | Sony Group Corporation SNC-RZ50N has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
SNC-RZ50N is a network camera with day and night switching function.
Sony Group Corporation SNC-RZ50N has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3799 | No CVE | KONICA MINOLTA, INC. bizhub C258 has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
bizhub C258 is a color multifunction printer.
KONICA MINOLTA, INC. bizhub C258 has a weak password vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202502-2329 | CVE-2025-22881 | Delta Electronics CNCSoft-G2 Buffer Overflow Vulnerability (CNVD-2025-12364) |
CVSS V2: 7.2 CVSS V3: - Severity: High |
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics CNCSoft-G2 is a human-machine interface (HMI) software from Delta Electronics, a Chinese company
| VAR-202502-3815 | No CVE | TOTOlink A3002R of Jiong Electronics (Shenzhen) Co., Ltd. has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Jiong Electronics (Shenzhen) Co., Ltd. is a high-tech foreign-invested enterprise specializing in the research and development, design, manufacturing and sales of various network products.
Jiong Electronics (Shenzhen) Co., Ltd. TOTOlink A3002R has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202502-3797 | No CVE | Samsung C3010ND has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
C3010ND is a laser printer.
Samsung C3010ND has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3853 | No CVE | Samsung (China) Investment Co., Ltd. C563FW has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Samsung (China) Investment Co., Ltd. is a company mainly engaged in investment activities, covering multiple fields, including sales and services of home appliances, electronic products, communication equipment, computer hardware and software, and auxiliary equipment.
Samsung (China) Investment Co., Ltd. C563FW has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3813 | No CVE | Sony SNC-RH164 has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
SNC-RH164 is a network high-definition speed dome camera.
Sony SNC-RH164 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3807 | No CVE | NETGEAR-WN3000RP has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
NETGEAR WN3000RP is a wireless access point with a frequency range of 2.4GHz.
NETGEAR WN3000RP has a weak password vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202502-3790 | No CVE | Samsung C430W has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
C430W is a laser printer.
Samsung C430W has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3816 | No CVE | Samsung ML-331x has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Samsung ML-331x is a laser printer.
Samsung ML-331x has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202502-3801 | No CVE | Konica Minolta (China) Investment Co., Ltd. MOBOTIX D25 has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Konica Minolta (China) Investment Co., Ltd. is a limited company whose main business is optical imaging, office equipment, medical and industrial equipment.
Konica Minolta (China) Investment Co., Ltd. MOBOTIX D25 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3802 | No CVE | Toshiba Corporation. e-STUDIO2515AC has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
e-STUDIO2515AC is a multifunctional color digital MFP.
Toshiba Corporation. e-STUDIO2515AC has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3819 | No CVE | Lexmark MC2535adwe has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Lexmark MC2535adwe is a color multifunction laser printer.
Lexmark MC2535adwe has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202502-3855 | No CVE | Mitsubishi Electric (China) Co., Ltd. Mitsubishi M70 BND-1000W022-K1 has industrial control equipment vulnerabilities |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
M70 BND-1000W022-K1 is a digital controller.
Mitsubishi Electric (China) Co., Ltd. Mitsubishi M70 BND-1000W022-K1 has an industrial control device vulnerability, which can be exploited by attackers to cause denial of service.
| VAR-202502-3820 | No CVE | Lexmark Information Technology (China) Co., Ltd. Lexmark MX331adn printer has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The Lexmark MX331adn printer has functions such as single-sided automatic scanning, copying, faxing and touch screen.
The Lexmark MX331adn printer of Lexmark Information Technology (China) Co., Ltd. has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3818 | No CVE | Fujifilm Business Innovation (China) Co., Ltd. Xerox(R) C325 Color MFP has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Xerox(R) C325 Color MFP is an office device that integrates multiple functions such as printing, copying, scanning and faxing.
Fujifilm Business Innovation (China) Co., Ltd. Xerox(R) C325 Color MFP has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3782 | No CVE | Konica Minolta (China) Investment Co., Ltd. MOBOTIX v26 has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Konica Minolta (China) Investment Co., Ltd. is a limited company whose main business is optical imaging, office equipment, medical and industrial equipment.
There is an unauthorized access vulnerability in MOBOTIX v26 of Konica Minolta (China) Investment Co., Ltd., which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3783 | No CVE | Beijing Topsec Technology Co., Ltd.'s Internet Behavior Management has a command execution vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Beijing Topsec Technology Co., Ltd. is an information security product and service solution provider.
Beijing Topsec Technology Co., Ltd. has a command execution vulnerability in its online behavior management, which can be exploited by attackers to execute arbitrary commands.