VARIoT IoT vulnerabilities database
| VAR-202603-4859 | CVE-2026-33280 |
CVSS V2: - CVSS V3: 7.2 Severity: High |
Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.
| VAR-202603-4863 | CVE-2026-32678 |
CVSS V2: - CVSS V3: 7.5 Severity: High |
Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.
| VAR-202603-4862 | CVE-2026-32669 |
CVSS V2: - CVSS V3: 8.8 Severity: High |
Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products.
| VAR-202603-4860 | CVE-2026-27650 |
CVSS V2: - CVSS V3: 8.8 Severity: High |
OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.
| VAR-202603-4856 | CVE-2026-4906 | Shenzhen Tenda Technology Co.,Ltd. of AC5 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-4927 | CVE-2026-4905 | Shenzhen Tenda Technology Co.,Ltd. of AC5 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Exploits for this vulnerability are publicly available and may be used in attacks.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-5004 | CVE-2026-4904 | Shenzhen Tenda Technology Co.,Ltd. of AC5 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The exploit is publicly available and could be misused.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-4905 | CVE-2026-4903 | Shenzhen Tenda Technology Co.,Ltd. of AC5 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used. The exploit has been exposed and is potentially being exploited.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-4936 | CVE-2026-4902 | Shenzhen Tenda Technology Co.,Ltd. of AC5 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This exploit is now public and could be exploited.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-5074 | CVE-2026-3622 | TP-LINK Technologies of TL-WR841N Out-of-bounds read vulnerability in firmware |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation leads to an out-of-bounds read, potentially causing a crash of the UPnP service.
Successful exploitation can cause the UPnP service to crash, resulting in a Denial-of-Service condition.
This vulnerability affects TL-WR841N v14 < EN_0.9.1 4.19 Build 260303 Rel.42399n (V14_260303) and < US_0.9.1.4.19 Build 260312 Rel. 49108n (V14_0304). DoS This causes the following condition. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-5327 | CVE-2025-15101 | ASUSTeK Computer Inc. of ASUS Multiple vulnerabilities in firmware |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted parameter.
Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information. This vulnerability allows authenticated users to perform operations on affected devices using existing privileges, and may also allow them to execute system commands in an unintended manner. For more information, see [link/reference]. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-6129 | CVE-2026-20108 | Cisco Systems Cisco Catalyst SD-WAN Manager Cross-site scripting vulnerability in |
CVSS V2: - CVSS V3: 5.4 Severity: MEDIUM |
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. XSS This vulnerability could allow an attacker to exploit it. - Some of the information handled by the software may be overwritten. - The software will not stop
| VAR-202603-3926 | CVE-2025-15606 | TP-LINK Technologies of TD-W8961ND Firmware Input Validation Vulnerability |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
A Denial-of-Service (DoS) vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the httpd service to crash. Successful exploitation may allow the attacker to cause service interruption, resulting in a DoS condition. httpd The service will crash. If the attack is successful, the service will be interrupted. DoS This may lead to a certain condition.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-2528 | CVE-2026-4567 | Shenzhen Tenda Technology Co.,Ltd. of A15 Multiple vulnerabilities in firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: High |
A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The exploit is publicly available and can be exploited.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-2415 | CVE-2026-4566 | Belkin International of F9K1122 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Belkin F9K1122 version 1.00.33 A vulnerability was discovered in . All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-2355 | CVE-2026-4565 | Shenzhen Tenda Technology Co.,Ltd. of ac21 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetNetControlList. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. This exploit is currently public and could be exploited.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-2502 | CVE-2026-4544 | WAVLINK of WL-WN578W2 Multiple vulnerabilities in firmware |
CVSS V2: 3.3 CVSS V3: 2.4 Severity: Low |
A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/login_page can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. The exploitation method for this vulnerability has already been published and may be used. We reported this vulnerability to the vendor early on, but they did not take action.Some of the information handled by the software may be leaked to the outside. Also, some of the information handled by the software may be rewritten. Furthermore, the software will not stop. Furthermore, attacks exploiting this vulnerability may affect other software
| VAR-202603-2391 | CVE-2026-4543 | WAVLINK of WL-WN578W2 Multiple vulnerabilities in firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Low |
A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function of the file /cgi-bin/firewall.cgi of the component POST Request Handler. Performing a manipulation of the argument dmz_flag/del_flag results in command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Also, some of the information handled by the software may be rewritten. Furthermore, some of the software may stop functioning. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-2504 | CVE-2026-4535 | Shenzhen Tenda Technology Co.,Ltd. of fh451 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been found in Tenda FH451 1.0.0.9. This vulnerability affects the function WrlclientSet of the file /goform/WrlclientSet. Such manipulation of the argument GO leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The exploit is publicly available and could be exploited.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software
| VAR-202603-2458 | CVE-2026-4534 | Shenzhen Tenda Technology Co.,Ltd. of fh451 Multiple vulnerabilities in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A flaw has been found in Tenda FH451 1.0.0.9. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. This manipulation of the argument GO causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. The exploit has been exposed and may be exploited.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software