CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0627
https://notcve.org/view.php?id=CVE-2018-0627
Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter. Aterm WG1200HP, con firmware Ver1.0.31 y anteriores, permite a los atacantes con permisos de administrador ejecutar comandos SO arbitrarios mediante el parámetro targetAPSsid. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN00401783/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0632
https://notcve.org/view.php?id=CVE-2018-0632
Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via HTTP request and response. Un desbordamiento de búfer en Aterm W300P, en su versión Ver1.0.13 y anteriores, permite a los atacantes con permisos de administrador ejecutar código SO arbitrario mediante una petición y respuesta HTTP. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN26629618/index.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0641
https://notcve.org/view.php?id=CVE-2018-0641
Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via tools_system.cgi date parameter, time parameter, and offset parameter. Desbordamiento de búfer en Aterm HC100RC, en versiones Ver1.0.1 y anteriores, permite que un atacante con derechos de administrador ejecute código arbitrario mediante los parámetros date, time y offset en tools_system.cgi. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN84825660/index.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0635
https://notcve.org/view.php?id=CVE-2018-0635
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter. Aterm HC100RC, en su versión Ver1.0.1 y anteriores, permite a los atacantes con permisos de administrador ejecutar comandos SO arbitrarios mediante el parámetro filename. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN84825660/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0633
https://notcve.org/view.php?id=CVE-2018-0633
Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via submit-url parameter. Un desbordamiento de búfer en Aterm W300P, en su versión Ver1.0.13 y anteriores, permite a los atacantes con permisos de administrador ejecutar código SO arbitrario mediante un parámetro submit-url. • https://jpn.nec.com/security-info/secinfo/nv18-011.html https://jvn.jp/en/jp/JVN26629618/index.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •