5 results (0.020 seconds)

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter. Aterm W300P, en su versión Ver1.0.13 y anteriores, permite a los atacantes con permisos de administrador ejecutar comandos SO arbitrarios mediante el parámetro targetAPSsid. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN26629618/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd parameter. Aterm W300P, en su versión Ver1.0.13 y anteriores, permite a los atacantes con permisos de administrador ejecutar comandos SO arbitrarios mediante el parámetro sysCmd. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN26629618/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response. Aterm W300P, en su versión Ver1.0.13 y anteriores, permite a los atacantes con permisos de administrador ejecutar comandos SO arbitrarios mediante una petición y respuesta HTTP. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN26629618/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via HTTP request and response. Un desbordamiento de búfer en Aterm W300P, en su versión Ver1.0.13 y anteriores, permite a los atacantes con permisos de administrador ejecutar código SO arbitrario mediante una petición y respuesta HTTP. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN26629618/index.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via submit-url parameter. Un desbordamiento de búfer en Aterm W300P, en su versión Ver1.0.13 y anteriores, permite a los atacantes con permisos de administrador ejecutar código SO arbitrario mediante un parámetro submit-url. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN26629618/index.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •