CVSS: 7.7EPSS: 0%CPEs: 90EXPL: 0CVE-2018-0512
https://notcve.org/view.php?id=CVE-2018-0512
08 Feb 2018 — Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors. Los dispositivos con la herramienta de configuración de direcciones IP MagicalFinder proporcionada por I-O DATA DEVICE, INC. permiten que atacantes autenticados ejecuten comandos arbitrarios del sistema operativo mediante vectores sin especificar. • http://www.iodata.jp/support/information/2018/magicalfinder • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1207
https://notcve.org/view.php?id=CVE-2016-1207
14 May 2016 — Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en dispositivos I-O DATA DEVICE WN-G300R con firmware 1.12 y versiones anteriores, dispositivos WN-G300R2 con firmware 1.12 y versiones anteriores, y dispositivos WN-G300R3 con fir... • http://jvn.jp/en/jp/JVN22978346/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •