VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202606-3962 CVE-2026-47339 Apache Software Foundation of APISIX Fraud related to unauthorized authentication in CVSS V2: -
CVSS V3: 8.1
Severity: HIGH
Incorrect Authorization vulnerability in Apache APISIX. An attacker can capitalise on authz-casdoor plugin under default configuration to authenticate themselves with credentials from a different source. This issue affects Apache APISIX: from 2.14.1 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the issue. An attacker could exploit the default settings. This is a problem. 3.17.0 We recommend that you upgrade to .- All information handled by the software may be leaked to external parties. - All information handled by the software may be overwritten. - The software will not stop
VAR-202606-3918 CVE-2026-44915 Apache Software Foundation of APISIX Open redirect vulnerability in CVSS V2: -
CVSS V3: 6.1
Severity: MEDIUM
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The default configuration of cas-auth in Apache APISIX is vulnerable to phishing and credential theft. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the issue. Apache APISIX This includes accessing untrusted sites. 3.17.0 We recommend that you upgrade to .- Some of the information handled by the software may be leaked to external parties. - Some of the information handled by the software may be overwritten. - The software will not stop
VAR-202606-3793 CVE-2026-44087 Apache Software Foundation of APISIX Inadequate validation of data reliability in CVSS V2: -
CVSS V3: 9.1
Severity: CRITICAL
Insufficient Verification of Data Authenticity vulnerability in Apache APISIX. The openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorized access the protected resources. This issue affects Apache APISIX: from 2.3 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the issue. 3.17.0 It is recommended to upgrade to .- All information handled by the software may be leaked to external parties. - All information handled by the software may be overwritten. - The software will not stop
VAR-202606-3794 CVE-2026-44046 Apache Software Foundation of APISIX Vulnerability in using untrusted sources CVSS V2: -
CVSS V3: 5.8
Severity: MEDIUM
Use of Less Trusted Source vulnerability in Apache APISIX. Attacker can take advantage of wolf-rbac plugin under default configuration to potentially pollute logs with spoofed identity information and exploit IP based access control rules. This issue affects Apache APISIX: from 1.2.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the issue. An attacker could exploit this vulnerability in the default settings. 3.17.0 It is recommended to upgrade to .• The information handled by this software will not be leaked to external parties. • Some of the information handled by this software may be rewritten. • This software will not stop
VAR-202606-3795 CVE-2026-39999 Apache Software Foundation of APISIX Spoofing authentication evasion vulnerability in CVSS V2: -
CVSS V3: 9.1
Severity: CRITICAL
Authentication Bypass by Spoofing vulnerability in Apache APISIX. The attacker can completely bypass authentication capitalising on certain configurations of jwt-auth plugin. This issue affects Apache APISIX: from v2.2 through v3.16.0. Users are recommended to upgrade to version v3.17.0, which fixes the issue. v3.17.0 We recommend that you upgrade to .- All information handled by the software may be leaked to external parties. - All information handled by the software may be overwritten. - The software will not stop
VAR-202606-3919 CVE-2026-39998 Apache Software Foundation of APISIX Input verification vulnerability in CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
Improper Input Validation vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to spoof identity headers. This issue affects Apache APISIX: from 2.12.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the issue. 3.17.0 It is recommended to upgrade to .- All information handled by the software may be leaked to external parties. - All information handled by the software may be overwritten. - The software may completely shut down
VAR-202606-3748 CVE-2026-12390 CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
In AzeoTech DAQFactory versions 21.1 and prior, a Type Confusion vulnerability can be exploited by an attacker using specially crafted .ctl files which can result in code execution.
VAR-202606-4065 CVE-2026-20246 Cisco Systems Umbrella Virtual Appliance Vulnerability in privilege management in CVSS V2: -
CVSS V3: 6.0
Severity: MEDIUM
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root. root You will be promoted.- All information handled by the software may be leaked to external parties. - All information handled by the software may be overwritten. - The software will not stop
VAR-202606-3945 CVE-2026-11410 TP-LINK Technologies of TL-WR940N  in the firmware OS  Command injection vulnerability CVSS V2: -
CVSS V3: 7.2
Severity: HIGH
An authenticated OS command injection vulnerability exists in the BigPond Cable (BPA) WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges. OS A command injection vulnerability exists. - All information handled by the software may be overwritten. - The software may completely shut down
VAR-202606-3835 CVE-2026-11409 TP-LINK Technologies of TL-WR940N  in the firmware OS  Command injection vulnerability CVSS V2: -
CVSS V3: 7.2
Severity: HIGH
An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges. - All information handled by the software may be overwritten. - The software may completely shut down
VAR-202606-1203 CVE-2026-20262 Cisco Systems Cisco Catalyst SD-WAN Manager Past traversal vulnerability in CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate user-supplied input during a file upload process. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected API endpoint of the affected system. A successful exploit could allow the attacker to create or overwrite any file on the underlying operating system. This file could later be used to elevate to root. To exploit this vulnerability, the attacker must have valid credentials with at least a lower-privileged, single-task user account. An attacker could use a specially crafted... root This vulnerability can be used to escalate privileges. • All information handled by this software may be overwritten. • This software will not stop
VAR-202606-0848 CVE-2026-12174 D-Link Corporation of DCS-935L  Multiple vulnerabilities in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The exploit is publicly available and could be misused.- All information handled by the software may be leaked to external parties. - All information handled by the software may be overwritten. - The software may completely shut down
VAR-202606-2782 CVE-2026-9213 of netgear MR70 FIRMWARE Vulnerabilities related to input confirmation in multiple products such as CVSS V2: -
CVSS V3: 8.1
Severity: HIGH
A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device. - All information handled by the software may be overwritten. - The software may completely shut down
VAR-202606-1905 CVE-2026-9212 of netgear LBR1020  Multiple vulnerabilities in multiple products, including firmware CVSS V2: -
CVSS V3: 8.0
Severity: HIGH
Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations. - All information handled by the software may be overwritten. - The software may completely shut down
VAR-202606-3957 CVE-2026-9211 of netgear CAX30  Vulnerabilities related to input validation in multiple products, such as firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation. - All information handled by the software may be overwritten. - The software may completely shut down
VAR-202606-2783 CVE-2026-9210 of netgear EX3700  Vulnerabilities related to input validation in multiple products, such as firmware CVSS V2: -
CVSS V3: 4.5
Severity: MEDIUM
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality. • All information handled by this software may be overwritten. • This software will not stop
VAR-202606-4111 CVE-2026-45591 Microsoft's .NET Vulnerabilities related to resource exhaustion in multiple products, including CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network. - No information handled by the software will be rewritten. - The software may completely shut down
VAR-202606-2971 CVE-2026-0420 of netgear RAX120  Vulnerabilities related to flaws in encryption processing across multiple products, including firmware. CVSS V2: -
CVSS V3: 5.9
Severity: MEDIUM
An improper implementation of TLS certificate validation vulnerability found in NETGEAR's ReadyCloud client app which could allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting the product's confidentiality. This vulnerability affects the listed NETGEAR models. This vulnerability allows an attacker to carry out a man-in-the-middle attack that could affect the confidentiality of the product. MiTM This vulnerability may allow the execution of the following actions. NETGEAR This will affect the model.- All information handled by the software may be leaked to external parties. - No rewriting will occur to the information handled by the software. - The software will not stop
VAR-202606-3571 CVE-2026-0419 of netgear JR6150  Firmware Input Validation Vulnerability CVSS V2: -
CVSS V3: 8.0
Severity: HIGH
Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands.  NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are planned. NETGEAR strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates. This vulnerability has been identified through firmware emulation in a controlled research environment and has not been verified on production hardware. - All information handled by the software may be overwritten. - The software may completely shut down
VAR-202606-2314 CVE-2026-0418 of netgear CBR750  Multiple vulnerabilities in multiple products, including firmware CVSS V2: -
CVSS V3: 4.5
Severity: Medium
Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system. • All information handled by this software may be overwritten. • This software will not stop