command inject in Arista NG firewall (CVE-2025-6978)
every other month I have to throw my 30 amp heat pump breaker because it powers my #ecobee "smart" thermostat. there is no way to reboot the device otherwise. rebooting the device is the only way to get it to resync with my #homeassistant. #internetofshit
edit: I appreciate the responses but I'm not looking for a solution that doesn't involve fixing the ecobee or replacing it. Best as I can tell it's caused by wifi going down and ecobee not liking it. A chance it's caused by HA not seeing the thermostat when it's back on wifi.
#InternetofShit Round-up:
Belkin formPPTPSetup pptpUserName Parameter Buffer Overflow Attempt (CVE-2025-7086, CVE-2025-11296)
Belkin formL2TPSetup L2TPUserName Parameter Buffer Overflow Attempt (CVE-2025-7087, CVE-2025-11294)
Belkin formPPPoESetup pppUserName Parameter Buffer Overflow Attempt (CVE-2025-7088, CVE-2025-11295)
Belkin formWanTcpipSetup pppUserName Parameter Buffer Overflow Attempt (CVE-2025-7089, CVE-2025-11299)
D-Link sylogapply syslogIp Parameter Command Injection Attempt (CVE-2018-17064)
D-Link wirelessApcli/wirelessApcli_5g Multiple Parameters Buffer Overflow Attempt (CVE-2025-5622)
D-Link qosClassifier Multiple Parameters Buffer Overflow Attempt (CVE-2025-5623)
D-Link form2IPQoSTcAdd Multiple Parameters Buffer Overflow Attempt (CVE-2024-13106)
Source: https://github.com/wudipjq/my_vuln
Why are there old vulns in here?
If they aren't covered in the ET ruleset, they get added and addressed as I find them.
Why do some messages here have multiple CVEs?
In a lot of cases with IoT vulns, some CNAs and Vendors have the same vuln across an entire product line, and will provide a CVE for each vulnerable hardware platform, so I just append multiple CVE numbers to a discovered vulnerability if they are identical enough.
Why do some messages not have a CVE?
Some of these IoT Vendors believe they can do no wrong, and will ignore vulnerability reports/coordination requests. In such cases, or in cases where the CVE information is NOT documented enough to where I can find it on cve.org, it just doesn't get a CVE number.
#InternetofShit: Continuing yesterday's work by picking on Belkin some more. Found this github repo, and I'm just grinding through it:
#InternetofShit Round-up:
Here's all the shit I discovered today. All of these rules will be in today's ETOPEN release:
D-Link setDayNightMode LightSensorControl Parameter Command Injection Attempt (CVE-2026-1419)
tzh00203.notion.site/D-Link-DCS700l-v1-03-09-Command-Injection-Vulnerability-in-LightSensorControl-Parameter-2e6b5c52018a80ada0f6d7e72efd7a45
D-Link set_wifidog_settings wd_enable Parameter Command Injection Attempt (CVE-2026-1125)
github.com/DavCloudz/cve/blob/main/D-link/DIR_823X/DIR-823X%20V250416%20Command%20Execution%20Vulnerability.md
D-Link upgrade_filter.asp path Parameter Command Injection Attempt (CVE-2026-0732)
github.com/DavCloudz/cve/blob/main/D-link/DI_8200G/DI_8200G%20V17.12.20A1%20Command%20Execution%20Vulnerability/readme.md
D-Link version_upgrade.asp path Parameter Command Injection Attempt
github.com/DavCloudz/cve/blob/main/D-link/DI_7300G/DI_7300G%2BV-19.12.25A1%20OS%20execution%20vulnerability.md
Netgear diag.cgi host_name Parameter Command Injection Attempt (CVE-2025-7407)
github.com/wudipjq/my_vuln/blob/main/Netgear7/vuln_66/66.md
Belkin formBSSetSitesurvey Multiple Parameters Command Injection Attempt (CVE-2025-7082)
github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_2/2.md
Belkin mp command Parameter Command Injection Attempt (CVE-2025-7083)
github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_3/3.md
Belkin formWpsStart pinCode Parameter Buffer Overflow Attempt (CVE-2025-7084)
github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_4/4.md
Belkin formiNICWpsStart pinCode Parameter Buffer Overflow Attempt (CVE-2025-7085)
github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_5/5.md
Fun github repos to look at:
Hope y'all don't mind me picking up #InternetofShit duty.
Turns out, you just visit cve.org, and just type in an internet of shit vendor name, good chance the CVE listing has a proof of concept link somewhere.
I'm thinking about doing a daily summary as well.
shit ton of good proof of concept code in here:
https://github.com/wudipjq/my_vuln/tree/main
cc @Dio9sys
Belkin /goform/mp command Parameter Command Injection Attempt (CVE-2025-7083)
https://github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_3/3.md
cc @Dio9sys
Belkin /goform/formBSSetSitesurvey Multiple Parameters Command Injection Attempt (CVE-2025-7082, CVE-2025-11292)
https://github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_2/2.md
cc @Dio9sys
netgear /diag.cgi host_name command injection attempt (2025-7407)
https://github.com/wudipjq/my_vuln/blob/main/Netgear7/vuln_66/66.md
cc @Dio9sys
D-Link /upgrade_filter.asp path parameter command injection attempt
More fun to look at:
https://github.com/DavCloudz/cve/tree/main
Looks like some D-Link, H3c, UTT, and our favorite, Tenda all up in.
DIR-823X V250416 /goform/set_wifidog_settings wd_enable command injection attempt (2026-1125)
D-Link DCS700l v1.03.09 Command /setDayNightMode LightSensorControl command injection attempt (2026-1419)
holy shit I just saw the ad video for an AI microwave (yes, you read that right!) made by a Chinese tech company and presented at CES 2026, and it's already a strong candidate for the best Internet of Shit tech of 2026
#InternetOfThings #InternetOfShit #IoT #Tech #Technology #Privacy #CES #CES2026
The cert for https://ajax.aspnetcdn.com/ajax expired. What year are we in again?
is that... really necessary? feels like, from my perspective, it kills the imagination for children who build them
https://www.lego.com/en-us/aboutus/news/2026/december/lego-smart-play-announcement
spent a good chunk of time trying to fix a "smart" humidifier. disassembled and reassembled, cleaned everything, changed router settings, tried different phones ... nothing solved my issue.
gave it one good punch and it now works flawlessly ...
It's cold so my netatmo connected thermostat is having server issues...
#internetofshit