VARIoT IoT vulnerabilities database

H3C Magic NX15000 is a 10G Wi-Fi 6 router. H3C Magic NX15000 of H3C Technologies Co., Ltd. has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.

Fujifilm (China) Investment Co., Ltd. was established in 2001. It is a branch of Fujifilm Group in China. Its headquarters is located in Pudong New Area, Shanghai. Its business covers civilian products (such as digital cameras, instant imaging cameras and photo printing solutions), medical products (including endoscopes, CT systems, medical IT systems, and ultrasound equipment), commercial products (such as printing equipment, optical equipment, and data storage solutions) and semiconductor material research and development. Fujifilm (China) Investment Co., Ltd. Fujifilm Xerox(R) C315 Color MFP has a denial of service vulnerability. Attackers can exploit the vulnerability to cause printer service interruption.

H3C Magic NX15000 is a 10G Wi-Fi 6 router. H3C Magic NX15000 of H3C Technologies Co., Ltd. has a service parameter injection vulnerability, which can be exploited by attackers to execute arbitrary commands.

H3C Magic NX15000 10G Wi-Fi 6 Router is a high-end router for users and groups who pursue full-house coverage and high-quality networks. H3C Magic NX15000 10G Wi-Fi 6 Router of H3C Technologies Co., Ltd. has a command execution vulnerability. Attackers can use the vulnerability to inject malicious code and obtain server permissions.

Founded in 2009, Phicomm Data Communication Technology Co., Ltd. is a high-tech enterprise integrating R&D, manufacturing and sales, and is committed to providing customers with mobile terminals, data communications, cloud computing and other technical equipment and overall solutions and services. Shanghai Phicomm Data Communication Technology Co., Ltd. FR3008 has a command execution vulnerability, and attackers can exploit the vulnerability to execute commands.

Fujifilm Xerox(R) C230 Color Printer is a color laser printer, mainly used for printing needs in office environments. Fujifilm (China) Investment Co., Ltd. Fujifilm Xerox(R) C230 Color Printer has a denial of service vulnerability, and attackers can exploit the vulnerability to cause printer service interruption.

Tatung World Technology Co., Ltd. has two main entities: one is a listed company headquartered in Taiwan, China (established in 2000), and the other is a newly established company located in Hunan (established in 2025). The Taiwanese company focuses on telecommunications and system integration services and ranks among the top five system integrators in Taiwan; the Hunan company focuses on computer system security and biotechnology. Tatung World Technology Co., Ltd. Tatung lOT Edge Setting has a command execution vulnerability, which can be exploited by attackers to execute arbitrary code.

NETGEAR Gateway C6300BD is a cable modem and router in one device, designed to provide quality wireless network coverage and high-speed Internet connection for the home. NETGEAR Gateway C6300BD has a weak password vulnerability, which can be exploited by attackers to log in to the system and obtain sensitive information.

Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the Platinum Host Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM

D-link DWR-M961 is a 4G AC1200 LTE router. D-Link Electronics (Shanghai) Co., Ltd. DWR-M961 has a command execution vulnerability, and attackers can exploit the vulnerability to execute commands.

SAMSUNG is a multinational company from South Korea, with businesses in electronics, finance, machinery, chemistry and many other fields. SAMSUNG SL-M38230ND has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Suzhou Keda Technology Co., Ltd. is a leading provider of video and security products and solutions. There is a logic defect vulnerability in the MSS streaming media server of Suzhou Keda Technology Co., Ltd., which can be exploited by attackers to illegally create new user accounts and elevate permissions when logging in.

e-STUDIO409S is a printer. Toshiba (China) Co., Ltd. Shanghai Branch e-STUDIO409S has an unauthorized access vulnerability, and attackers can exploit the vulnerability to obtain sensitive information.

Xerox Corporation is a long-established American multinational company, originally known for its copier technology, and has now transformed into a digital and document solution provider, with businesses covering printers, scanners, digital printing systems, and document management services. Many products of Xerox Corporation have unauthorized access vulnerabilities, which attackers can exploit to obtain sensitive information.

H3C Magic NX15000 is a 10G Wi-Fi 6 router. H3C Magic NX15000 of H3C Technologies Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.

ZT199 is a mobile phone. ZTE Corporation's ZT199 has a weak password vulnerability, which can be exploited by attackers to log in to the system and obtain sensitive information.

Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint. Shenzhen Tenda Technology Co.,Ltd. of AC6 Firmware has a classic buffer overflow vulnerability.Information may be obtained. The vulnerability is caused by the failure of the schedStartTime and schedEndTime parameters in the /goform/openSchedWifi endpoint to correctly verify the length of the input data. No detailed vulnerability details are currently provided

H3C Magic NX15000 is a 10G Wi-Fi 6 router. H3C Magic NX15000 of H3C Technologies Co., Ltd. has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.

Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the Autel Technician API. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26351. maxicharger ac elite business c50 firmware, MaxiCharger AC Pro firmware, MaxiCharger AC Ultra firmware etc. autel The product contains a vulnerability related to exposing dangerous methods or functions.Information may be obtained. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company

Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. An attacker must first obtain a low-privileged authorization token in order to exploit this vulnerability. The specific flaw exists within the implementation of the Autel Technician API. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-26325. maxicharger ac elite business c50 firmware, MaxiCharger AC Pro firmware, MaxiCharger AC Ultra firmware etc. autel The product contains an incorrect authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company