VARIoT IoT vulnerabilities database
| VAR-202508-2065 | CVE-2025-9303 | TOTOLINK of A720R Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B20250509. This issue affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument desc results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. TOTOLINK of A720R The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK A702R is a wireless router manufactured by the Chinese company TOTOLINK, primarily used for home network connectivity and signal coverage.
The TOTOLINK A702R suffers from a buffer overflow vulnerability caused by a failure to properly validate the length of input data in the desc parameter. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service
| VAR-202508-2573 | CVE-2025-55564 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list parameter in the fromSetIpMacBind function. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments.
The Tenda AC15 suffers from a stack buffer overflow vulnerability caused by the fromSetIpMacBind function's failure to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service
| VAR-202508-2063 | CVE-2025-9299 | Shenzhen Tenda Technology Co.,Ltd. of m3 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been found in Tenda M3 1.0.0.12. Affected by this vulnerability is the function formGetMasterPassengerAnalyseData of the file /goform/getMasterPassengerAnalyseData. The manipulation of the argument Time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of m3 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202508-2069 | CVE-2025-9298 | Shenzhen Tenda Technology Co.,Ltd. of m3 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A flaw has been found in Tenda M3 1.0.0.12. Affected is the function formQuickIndex of the file /goform/QuickIndex. Executing manipulation of the argument PPPOEPassword can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. Shenzhen Tenda Technology Co.,Ltd. of m3 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202508-2066 | CVE-2025-9297 | Shenzhen Tenda Technology Co.,Ltd. of i22 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was detected in Tenda i22 1.0.0.3(4687). This impacts the function formWeixinAuthInfoGet of the file /goform/wxportalauth. Performing manipulation of the argument Type results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. Shenzhen Tenda Technology Co.,Ltd. of i22 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202508-2966 | No CVE | Netis WF2880 has a denial of service vulnerability |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
The Netis WF2880 is a wireless router from the Chinese company Netis.
The Netis WF2880 has a denial of service vulnerability that could be exploited by an attacker to cause a denial of service.
| VAR-202508-3066 | No CVE | H3C Magic BR3000W from H3C Technologies Co., Ltd. has an arbitrary file read vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The H3C Magic BR3000W is a Wi-Fi 6 wireless router.
The H3C Magic BR3000W from H3C Technologies Co., Ltd. has an arbitrary file read vulnerability that could allow attackers to obtain sensitive information.
| VAR-202508-3271 | No CVE | Zhongqin Communication Equipment Trading (Shanghai) Co., Ltd. NWA90AX has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The NWA90AX is a commercial-grade wireless access point.
Zhongqin Communication Equipment Trading (Shanghai) Co., Ltd.'s NWA90AX device has a weak password vulnerability that could allow attackers to log into the system and obtain sensitive information.
| VAR-202508-3454 | No CVE | Shenzhen Tongwei Digital Technology Co., Ltd.'s Web camera has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Shenzhen Tongwei Digital Technology Co., Ltd. is a provider of video surveillance products and system solutions, integrating R&D, production, sales, and service.
Shenzhen Tongwei Digital Technology Co., Ltd.'s web camera has a weak password vulnerability that could allow attackers to log into the system and obtain sensitive information.
| VAR-202508-3068 | No CVE | Tenda AC8 has a binary vulnerability |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
The AC8 is a dual-band, triple-gigabit wireless router suitable for homes with fiber optic connections up to 1000Mbps. It supports gigabit ports, intelligent frequency band optimization, and parental controls.
The Tenda AC8 contains a binary vulnerability that could be exploited to cause a denial of service.
| VAR-202508-2967 | No CVE | Tenda AC10 has a binary vulnerability |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
The AC10 is a high-performance router designed with gigabit ports on both the WAN and LAN ports.
The Tenda AC10 contains a binary vulnerability that could be exploited to cause a denial of service.
| VAR-202508-3067 | No CVE | INSTAR Full-HD IP-Camera has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The INSTAR Full-HD IP Camera is an IP camera that supports high-definition video surveillance.
The INSTAR Full-HD IP Camera has a weak password vulnerability that could allow attackers to log into the system and obtain sensitive information.
| VAR-202508-2846 | No CVE | Advantech Technology (China) Co., Ltd.'s ECU-1051 has a logic flaw vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The ECU-1051 is an industrial IoT cloud-based intelligent communication gateway.
Advantech Technology (China) Co., Ltd.'s ECU-1051 has a logic flaw that could allow attackers to obtain sensitive information.
| VAR-202508-3270 | No CVE | FLIR AX8 has an arbitrary file read vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The FLIR AX8 is a series of thermal surveillance cameras.
The FLIR AX8, manufactured by the US company FLIR, has an arbitrary file read vulnerability that could allow attackers to obtain sensitive information.
| VAR-202508-3574 | No CVE | Zhejiang Uniview Technology Co., Ltd. NVR-110D-A has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The NVR-110D-A is a member of the NVR-D series network video recorders from Uniview Technologies.
Zhejiang Uniview Technology Co., Ltd.'s NVR-110D-A has an unauthorized access vulnerability that could allow attackers to obtain sensitive information.
| VAR-202508-2965 | No CVE | D-Link Electronic Equipment (Shanghai) Co., Ltd. DI-7003G has a command execution vulnerability |
CVSS V2: 6.0 CVSS V3: - Severity: MEDIUM |
The DI-7003G is an enterprise-class router.
The DI-7003G router of D-Link Electronics (Shanghai) Co., Ltd. has a command execution vulnerability that could allow an attacker to execute commands.
| VAR-202508-2731 | No CVE | Tenda AC10 has a binary vulnerability |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
The AC10 is a high-performance router designed with gigabit ports on both the WAN and LAN ports.
The Tenda AC10 contains a binary vulnerability that could be exploited to cause a denial of service.
| VAR-202508-2052 | CVE-2025-9253 | Linksys of RE6250 Buffer error vulnerabilities in firmware and other products from multiple vendors |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RP_doSpecifySiteSurvey of the file /goform/RP_doSpecifySiteSurvey. The manipulation of the argument ssidhex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Linksys of RE6250 Firmware and other products from multiple vendors contain buffer error vulnerabilities and stack-based buffer overflow vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202508-2091 | CVE-2025-9252 | Linksys of RE6250 Buffer error vulnerabilities in firmware and other products from multiple vendors |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A weakness has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function DisablePasswordAlertRedirect of the file /goform/DisablePasswordAlertRedirect. Executing manipulation of the argument hint can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Linksys of RE6250 Firmware and other products from multiple vendors contain buffer error vulnerabilities and stack-based buffer overflow vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202508-2070 | CVE-2025-9251 | Linksys of RE6250 Buffer error vulnerabilities in firmware and other products from multiple vendors |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function sta_wps_pin of the file /goform/sta_wps_pin. Performing manipulation of the argument Ssid results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Linksys of RE6250 Firmware and other products from multiple vendors contain buffer error vulnerabilities and stack-based buffer overflow vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state