VARIoT IoT vulnerabilities database
| VAR-202508-1093 | CVE-2025-50613 | Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_key_wep in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Netis Systems Co., Ltd. of WF2880 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. The Netis WF2880 is a wireless router from the Chinese company Netis
| VAR-202508-1677 | CVE-2025-50612 | Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set in the payload, which may cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Netis Systems Co., Ltd. of WF2880 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. The Netis WF2880 is a wireless router from the Chinese company Netis
| VAR-202508-1556 | CVE-2025-50611 | Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set_5g and wl_sec_rp_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Netis Systems Co., Ltd. of WF2880 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. The Netis WF2880 is a wireless router from the Chinese company Netis
| VAR-202508-1332 | CVE-2025-50610 | Netis WF2880 FUN_00476598 function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00476598 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. The Netis WF2880 is a wireless router from the Chinese company Netis
| VAR-202508-1934 | CVE-2025-50609 | Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the Function_00465620 of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of specify_parame in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Netis Systems Co., Ltd. of WF2880 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. The Netis WF2880 is a wireless router from the Chinese company Netis
| VAR-202508-0955 | CVE-2025-50608 | Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00471994 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Netis Systems Co., Ltd. of WF2880 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. The Netis WF2880 is a wireless router from the Chinese company Netis
| VAR-202508-0742 | CVE-2024-40588 | Relative Path Traversal Vulnerability in Multiple Fortinet Products |
CVSS V2: - CVSS V3: 4.4 Severity: MEDIUM |
Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 all versions, FortiMail 6.4 all versions, FortiNDR 7.6.0 through 7.6.1, FortiNDR 7.4.0 through 7.4.6, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiRecorder 6.4 all versions, FortiVoice 7.0.0 through 7.0.3, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests. FortiCamera firmware, FortiMail , FortiNDR Multiple Fortinet products, including the following, contain a relative path traversal vulnerability.Information may be obtained
| VAR-202508-0879 | CVE-2025-26863 | Intel 700 Series Ethernet Denial of Service Vulnerability |
CVSS V2: 1.7 CVSS V3: 3.8 Severity: Medium |
Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation. An attacker could exploit this vulnerability to cause a denial of service
| VAR-202508-1707 | CVE-2025-26697 | Intel 700 Series Ethernet Denial of Service Vulnerability (CNVD-2025-19268) |
CVSS V2: 1.7 CVSS V3: 3.3 Severity: Medium |
Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation. An attacker could exploit this vulnerability to cause a denial of service
| VAR-202508-1590 | CVE-2025-25273 | Intel 700 Series Ethernet Privilege Escalation Vulnerability |
CVSS V2: 6.0 CVSS V3: 7.8 Severity: High |
Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation. An attacker could exploit this vulnerability to escalate privileges
| VAR-202508-0992 | CVE-2025-24486 | Intel 700 Series Ethernet Input Validation Error Vulnerability |
CVSS V2: 6.0 CVSS V3: 7.8 Severity: High |
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation
| VAR-202508-1254 | CVE-2025-24305 | Intel Xeon Processors Privilege Escalation Vulnerability |
CVSS V2: 5.3 CVSS V3: 7.2 Severity: High |
Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of privilege via local access. Intel Xeon Processors are a series of processors designed for enterprise servers, workstations, and the high-performance computing (HPC) market. They primarily serve data centers, cloud computing, and artificial intelligence. Detailed vulnerability details are currently unavailable
| VAR-202508-1000 | CVE-2025-21090 | Intel Xeon Processors Denial of Service Vulnerability |
CVSS V2: 4.6 CVSS V3: 6.5 Severity: Medium |
Missing reference to active allocated resource for some Intel(R) Xeon(R) processors may allow an authenticated user to potentially enable denial of service via local access. Intel Xeon Processors are a series of processors designed for enterprise servers, workstations, and high-performance computing (HPC) markets. They primarily serve data centers, cloud computing, and artificial intelligence. Attackers can exploit this vulnerability to cause a denial of service
| VAR-202508-2143 | CVE-2025-21086 | Intel 700 Series Ethernet Input Validation Error Vulnerability |
CVSS V2: 5.5 CVSS V3: 7.5 Severity: Medium |
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation. Detailed vulnerability details are currently unavailable
| VAR-202508-2839 | CVE-2025-20053 | Intel Xeon Processors Privilege Escalation Vulnerability (CNVD-2025-21340) |
CVSS V2: 5.3 CVSS V3: 7.2 Severity: High |
Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. Intel Xeon Processors are a series of processors designed for enterprise servers, workstations, and the high-performance computing (HPC) market. They primarily serve data centers, cloud computing, and artificial intelligence. Detailed vulnerability details are not currently available
| VAR-202508-0356 | CVE-2025-40751 | Siemens' SIMATIC RTLS Locating Manager Vulnerability regarding insufficient protection of authentication information in |
CVSS V2: - CVSS V3: 6.3 Severity: Medium |
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role. Siemens' SIMATIC RTLS Locating Manager There are vulnerabilities in inadequate protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202508-0383 | CVE-2025-40746 | Siemens' SIMATIC RTLS Locating Manager Vulnerability in |
CVSS V2: - CVSS V3: 9.1 Severity: Critical |
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT Authority/SYSTEM' privileges. Siemens' SIMATIC RTLS Locating Manager Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202508-0355 | CVE-2025-30034 | Siemens' SIMATIC RTLS Locating Manager Reachable Assertiveness Vulnerability in |
CVSS V2: - CVSS V3: 6.2 Severity: Medium |
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition. Siemens' SIMATIC RTLS Locating Manager Exists in a reachable assertiveness vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202508-3769 | No CVE | Multiple SIEMENS product privilege escalation vulnerabilities |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
The SIMATIC Information Server is used for reporting and visualization of process data stored in the SIMATIC Process Historian. SIMATIC PDM MS provides independent field device management, diagnostics, and data acquisition across multiple communication protocols, independent of the automation project. The SIMATIC Process Historian is the long-term archiving system for SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC PCS neo. It stores process values, alarms, and batch data from production plants in its database and provides historical process data for reporting and visualization applications. SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications requiring a high degree of customer-specific adaptability, large or complex applications, and applications and projects with specific system requirements or functionality.
Several SIEMENS products contain a privilege escalation vulnerability that could be exploited by an attacker to escalate privileges.
| VAR-202508-0342 | CVE-2025-40752 | Siemens POWER METER SICAM Q100/Q200 Information Disclosure Vulnerability |
CVSS V2: 4.9 CVSS V3: 6.2 Severity: Medium |
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q200 family (All versions >= V2.70 < V2.80). Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes