VARIoT IoT vulnerabilities database

Chengdu Feiyuxing Technology Co., Ltd. is one of the few local enterprises in the industry with independent intellectual property rights and independent research and development capabilities. It is a high-tech enterprise focusing on product innovation and research in the data communication industry and the Internet of Things industry. There is an arbitrary file download vulnerability in the Feiyuxing next-generation firewall security gateway, which can be exploited by attackers to obtain sensitive information.

Shanghai Huayi Technology Group Co., Ltd. is a company mainly engaged in the research and development, manufacturing of test benches in the field of automotive powertrain and the provision of related technical services. An arbitrary file download vulnerability exists in the multi-service security gateway of Shanghai Huayi Technology Group Co., Ltd., which can be exploited by attackers to obtain sensitive information.

Raisecomda Technology Development Co., Ltd. focuses on the field of optical fiber broadband access, and is committed to the integration of optical fiber technology, Ethernet technology and broadband access technology. The security router of Rascomda Technology Development Co., Ltd. has an arbitrary file download vulnerability, which can be exploited by attackers to obtain sensitive information.

Hangzhou Hikvision Digital Technology Co., Ltd. is a leading provider of security products and industry solutions. The Hikvision secure access gateway has an arbitrary file download vulnerability. Attackers can use this vulnerability to obtain sensitive information.

Hangzhou Hikvision Digital Technology Co., Ltd. is a leading provider of security products and industry solutions. Hikvision security access gateway has weak password vulnerability. Attackers can use this vulnerability to log in to the background to obtain sensitive information.

As the core business unit of StarNet Ruijie for smart communications, StarNet Wisdom is a leading provider of converged communication solutions in China. Starnet Smart SVG6000 series voice gateways have weak password vulnerabilities. The attacker uses a weak password to log in to the background to obtain sensitive information.

A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7-layer Flow Control Router via a specially-crafted HTTP GET request to the t parameter. Insufficient input validation allows unauthenticated attackers to execute arbitrary OS commands.  Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-25 UTC. Shenzhen Airspace Technology Co., Ltd. ("Airspace Technology" for short) is a network communication equipment supplier rooted in Shenzhen and radiating the world. An attacker can use this vulnerability to gain control of the server

Huawei HG659 is a home gateway. Huawei HG659 has arbitrary file reading vulnerabilities. Attackers can use the vulnerabilities to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. Axis 2120 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS M3114 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS M5014 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS M3113 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS M3025 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS P5534 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS P3344 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS P1353 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Cisco IP Phone CP-8865 is an enterprise-class IP phone. Cisco IP Phone CP-8865 has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS 2130R PTZ Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS M7014 Video Encoder has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. AXIS 206M Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.