VARIoT IoT vulnerabilities database

VAR-202503-2639 | CVE-2023-3634 | Many Fesco products have denial of service vulnerabilities |
CVSS V2: 9.0 CVSS V3: - Severity: HIGH |
MSE6-D2M-5000-CBUS-S-RG-BAR-VCB-AGD, MSE6-E2M-5000-FB13-AGD, MSE6-E2M-5000-FB37-AGD, etc. are all industrial control components.
Many products of festo have denial of service vulnerabilities, which can be exploited by attackers to gain control of the server.
VAR-202503-2527 | CVE-2025-2621 | D-Link Systems, Inc. of DAP-1620 Out-of-bounds write vulnerability in firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: Critical |
A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DAP-1620 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202503-2642 | CVE-2025-2620 | D-Link Systems, Inc. of DAP-1620 Out-of-bounds write vulnerability in firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: Critical |
A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DAP-1620 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DAP-1620 is a wireless repeater extender from D-Link, a Chinese company.
D-Link DAP-1620 mod_graph_auth_uri_handler function has a stack buffer overflow vulnerability, which can be exploited by attackers to execute arbitrary code on the system or cause a denial of service
VAR-202503-2673 | CVE-2025-2619 | D-Link Systems, Inc. of DAP-1620 Out-of-bounds write vulnerability in firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: Critical |
A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function check_dws_cookie of the file /storage of the component Cookie Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DAP-1620 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DAP-1620 is a wireless repeater extender from D-Link. The vulnerability is caused by the failure of the check_dws_cookie function of the Cookie processing component to correctly verify the length of the input data. Attackers can use this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202503-2528 | CVE-2025-2618 | D-Link Systems, Inc. of DAP-1620 Out-of-bounds write vulnerability in firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: Critical |
A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function set_ws_action of the file /dws/api/ of the component Path Handler. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DAP-1620 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202503-2695 | CVE-2025-29218 | Shenzhen Tenda Technology Co.,Ltd. of w18e Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 6.5 Severity: MEDIUM |
Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiPwd parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Shenzhen Tenda Technology Co.,Ltd. of w18e A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state
VAR-202503-2702 | CVE-2025-29217 | Shenzhen Tenda Technology Co.,Ltd. of w18e Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 6.5 Severity: MEDIUM |
Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiSSID parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Shenzhen Tenda Technology Co.,Ltd. of w18e A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state
VAR-202503-2565 | CVE-2025-29215 | Shenzhen Tenda Technology Co.,Ltd. of AX12 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 6.5 Severity: MEDIUM |
Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_43fdcc function at /goform/SetNetControlList. Shenzhen Tenda Technology Co.,Ltd. of AX12 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state
VAR-202503-2588 | CVE-2025-29214 | Shenzhen Tenda Technology Co.,Ltd. of AX12 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_42F69C function at /goform/setMacFilterCfg. Shenzhen Tenda Technology Co.,Ltd. of AX12 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state
VAR-202503-1033 | CVE-2025-29101 | Shenzhen Tenda Technology Co.,Ltd. of AC8 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info function. Shenzhen Tenda Technology Co.,Ltd. of AC8 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state
VAR-202503-0574 | CVE-2025-29387 | Shenzhen Tenda Technology Co.,Ltd. of AC9 Out-of-bounds write vulnerability in firmware |
CVSS V2: - CVSS V3: 7.1 Severity: HIGH |
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. Shenzhen Tenda Technology Co.,Ltd. of AC9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202503-0655 | CVE-2025-29386 | Shenzhen Tenda Technology Co.,Ltd. of AC9 Out-of-bounds write vulnerability in firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. Shenzhen Tenda Technology Co.,Ltd. of AC9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202503-0549 | CVE-2025-29385 | Shenzhen Tenda Technology Co.,Ltd. of AC9 Out-of-bounds write vulnerability in firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. Shenzhen Tenda Technology Co.,Ltd. of AC9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202503-0623 | CVE-2025-29384 | Shenzhen Tenda Technology Co.,Ltd. of AC9 Out-of-bounds write vulnerability in firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. Shenzhen Tenda Technology Co.,Ltd. of AC9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202503-2140 | CVE-2025-29362 | Tenda RX3 /goform/setPptpUserList buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the list parameter at /goform/setPptpUserList. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. Tenda RX3 is a dual-band WiFi 6 home wireless router from China's Tenda Company
VAR-202503-0301 | CVE-2025-27396 | Siemens SCALANCE LPE9403 Privilege Escalation Vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality.
This could allow an authenticated lowly-privileged remote attacker to escalate their privileges. Siemens SCALANCE LPE9403 is a local processing engine for industrial field data processing of Siemens, Germany. It is used to capture, collect and pre-process industrial field data.
Siemens SCALANCE LPE9403 has a privilege escalation vulnerability. Attackers can exploit this vulnerability to elevate privileges
VAR-202503-0324 | CVE-2025-2233 | (0Day) (Pwn2Own) Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the Hub Local API service, which listens on TCP port 8766 by default. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25615
VAR-202503-0647 | CVE-2024-56192 | Google Pixel Watch Buffer Overflow Vulnerability |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
In wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Google Pixel Watch is a durable smartwatch from Google.
There is a buffer overflow vulnerability in Google Pixel Watch. The vulnerability is caused by the lack of boundary check in wl_notify_gscan_event of wl_cfgscan.c
VAR-202503-0619 | CVE-2024-56191 | Google Pixel Watch Integer Overflow Vulnerability |
CVSS V2: 7.2 CVSS V3: 8.4 Severity: HIGH |
In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Google Pixel Watch is a durable smartwatch from Google
VAR-202503-0652 | CVE-2024-56187 | Google Pixel Logic Error Vulnerability (CNVD-2025-05455) |
CVSS V2: 5.7 CVSS V3: 6.6 Severity: MEDIUM |
In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to a logic error in the code. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Google Pixel is a smartphone from Google, an American company