VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202506-2580 No CVE Toshiba (China) Co., Ltd. Shanghai Branch e-STUDIO409S has unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
e-STUDIO409S is a printer. Toshiba (China) Co., Ltd. Shanghai Branch e-STUDIO409S has an unauthorized access vulnerability, and attackers can exploit the vulnerability to obtain sensitive information.
VAR-202506-2993 No CVE ZTE Corporation ZT199 has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
ZT199 is a mobile phone. ZTE Corporation's ZT199 has a weak password vulnerability, which can be exploited by attackers to log in to the system and obtain sensitive information.
VAR-202506-2185 No CVE Xerox Corporation's products have unauthorized access vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Xerox Corporation is a long-established American multinational company, originally known for its copier technology, and has now transformed into a digital and document solution provider, with businesses covering printers, scanners, digital printing systems, and document management services. Many products of Xerox Corporation have unauthorized access vulnerabilities, which attackers can exploit to obtain sensitive information.
VAR-202506-2797 No CVE Fujifilm (China) Investment Co., Ltd. Fujifilm Xerox(R) C230 Color Printer has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Fujifilm Xerox(R) C230 Color Printer is a color laser printer, mainly used for printing needs in office environments. Fujifilm (China) Investment Co., Ltd. Fujifilm Xerox(R) C230 Color Printer has a denial of service vulnerability, and attackers can exploit the vulnerability to cause printer service interruption.
VAR-202506-2186 No CVE NETGEAR Gateway C6300BD has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
NETGEAR Gateway C6300BD is a cable modem and router in one device, designed to provide quality wireless network coverage and high-speed Internet connection for the home. NETGEAR Gateway C6300BD has a weak password vulnerability, which can be exploited by attackers to log in to the system and obtain sensitive information.
VAR-202506-2792 No CVE Tatung World Technology Co., Ltd. Tatung lOT Edge Setting has a command execution vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Tatung World Technology Co., Ltd. has two main entities: one is a listed company headquartered in Taiwan, China (established in 2000), and the other is a newly established company located in Hunan (established in 2025). The Taiwanese company focuses on telecommunications and system integration services and ranks among the top five system integrators in Taiwan; the Hunan company focuses on computer system security and biotechnology. Tatung World Technology Co., Ltd. Tatung lOT Edge Setting has a command execution vulnerability, which can be exploited by attackers to execute arbitrary code.
VAR-202506-3000 No CVE Fujifilm (China) Investment Co., Ltd. Fujifilm Xerox(R) B225 MFP has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Fujifilm (China) Investment Co., Ltd. was established in 2001. It is a branch of Fujifilm Group in China. Its headquarter is located in Pudong New Area, Shanghai. Its business covers civilian products (such as digital cameras, instant imaging cameras and photo printing solutions), medical products (including endoscopes, CT systems, medical IT systems, and ultrasound equipment), commercial products (such as printing equipment, optical equipment, and data storage solutions) and semiconductor material research and development. Fujifilm (China) Investment Co., Ltd. Fujifilm Xerox(R) B225 MFP has a denial of service vulnerability. Attackers can exploit the vulnerability to cause printer service interruption.
VAR-202506-2995 No CVE Canon (China) Co., Ltd. Canon iR-ADV C5535 has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Canon iR-ADV C5535 is a high-performance color digital multifunction machine with multiple functions such as copying, printing, scanning and faxing. Canon iR-ADV C5535 of Canon (China) Co., Ltd. has a weak password vulnerability. Attackers can use the vulnerability to log in to the system and obtain sensitive information.
VAR-202506-2588 No CVE Fujifilm (China) Investment Co., Ltd. Fujifilm Xerox(R) C315 Color MFP has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Fujifilm (China) Investment Co., Ltd. was established in 2001. It is a branch of Fujifilm Group in China. Its headquarters is located in Pudong New Area, Shanghai. Its business covers civilian products (such as digital cameras, instant imaging cameras and photo printing solutions), medical products (including endoscopes, CT systems, medical IT systems, and ultrasound equipment), commercial products (such as printing equipment, optical equipment, and data storage solutions) and semiconductor material research and development. Fujifilm (China) Investment Co., Ltd. Fujifilm Xerox(R) C315 Color MFP has a denial of service vulnerability. Attackers can exploit the vulnerability to cause printer service interruption.
VAR-202506-2793 No CVE H3C Magic NX15000 of H3C Technologies Co., Ltd. has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
H3C Magic NX15000 is a 10G Wi-Fi 6 router. H3C Magic NX15000 of H3C Technologies Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to obtain server permissions.
VAR-202506-2584 No CVE H3C Magic NX15000 of H3C Technologies Co., Ltd. has a command execution vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
H3C Magic NX15000 is a 10G Wi-Fi 6 router. H3C Magic NX15000 of H3C Technologies Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202506-1049 CVE-2025-46035 Shenzhen Tenda Technology Co.,Ltd.  of  AC6  Classic buffer overflow vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint. Shenzhen Tenda Technology Co.,Ltd. of AC6 Firmware has a classic buffer overflow vulnerability.Information may be obtained. The vulnerability is caused by the failure of the schedStartTime and schedEndTime parameters in the /goform/openSchedWifi endpoint to correctly verify the length of the input data. No detailed vulnerability details are currently provided
VAR-202506-0609 CVE-2025-5826 plural  autel  Vulnerabilities related to misinterpretation of input in the product CVSS V2: 5.8
CVSS V3: 6.3
Severity: MEDIUM
Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ble_process_esp32_msg function. The issue results from misinterpretation of input data. An attacker can leverage this vulnerability to execute AT commands in the context of the device. Was ZDI-CAN-26368. maxicharger ac elite business c50 firmware, MaxiCharger AC Pro firmware, MaxiCharger AC Ultra firmware etc. autel The product contains a vulnerability related to misinterpretation of input.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, an American company
VAR-202506-0589 CVE-2025-5827 plural  autel  Stack-based buffer overflow vulnerability in products CVSS V2: 8.3
CVSS V3: 8.8
Severity: HIGH
Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ble_process_esp32_msg function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26369. maxicharger ac elite business c50 firmware, MaxiCharger AC Pro firmware, MaxiCharger AC Ultra firmware etc. autel The product contains a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company. The vulnerability is caused by the ble_process_esp32_msg function failing to properly verify the length of the input data
VAR-202506-0586 CVE-2025-6678 plural  autel  Vulnerability related to lack of authentication for critical functions in the product CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Pile API. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26352. maxicharger ac elite business c50 firmware, MaxiCharger AC Pro firmware, MaxiCharger AC Ultra firmware etc. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company
VAR-202506-3002 No CVE H3C Magic NX15000 of H3C Technologies Co., Ltd. has an unauthorized access vulnerability CVSS V2: 6.4
CVSS V3: -
Severity: MEDIUM
H3C Magic NX15000 is a 10G Wi-Fi 6 router. H3C Magic NX15000 of H3C Technologies Co., Ltd. has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
VAR-202506-0614 CVE-2025-5475 Sony Corporation's  XAV-AX8500  Integer overflow vulnerability in firmware CVSS V2: 6.8
CVSS V3: 7.5
Severity: HIGH
Sony XAV-AX8500 Bluetooth Packet Handling Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Bluetooth packets. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the elysian-bt-service process. Was ZDI-CAN-26283. (DoS) It may be in a state. SONY XAV-AX8500 is a car AV receiver with enhanced functions
VAR-202506-0616 CVE-2025-5829 plural  autel  Stack-based buffer overflow vulnerability in products CVSS V2: 8.3
CVSS V3: 6.8
Severity: MEDIUM
Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of JSON messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26330. maxicharger ac elite business c50 firmware, MaxiCharger AC Pro firmware, MaxiCharger AC Ultra firmware etc. autel The product contains a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company. The vulnerability is caused by the JSON message failing to properly validate the length of the input data
VAR-202506-0598 CVE-2025-5477 Sony Corporation's  XAV-AX8500  Heap-based buffer overflow vulnerability in firmware CVSS V2: 6.8
CVSS V3: 7.5
Severity: HIGH
Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of the Bluetooth L2CAP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the elysian-bt-service process. Was ZDI-CAN-26286. (DoS) It may be in a state. SONY XAV-AX8500 is a car AV receiver with enhanced functions
VAR-202506-0579 CVE-2025-5479 Sony Corporation's  XAV-AX8500  Heap-based buffer overflow vulnerability in firmware CVSS V2: 6.8
CVSS V3: 7.5
Severity: HIGH
Sony XAV-AX8500 Bluetooth AVCTP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of the Bluetooth AVCTP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26290. (DoS) It may be in a state. SONY XAV-AX8500 is a car AV receiver with enhanced functions