CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2283
https://notcve.org/view.php?id=CVE-2017-2283
WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device. Las versiones 1.0.2 y anteriores del firmware WN-G300R3 utilizan credenciales embebidas que pueden permitir a un atacante acceder al dispositivo para ejecutar código arbitrario en él. • http://www.iodata.jp/support/information/2017/wn-g300r3_2 https://jvn.jp/en/jp/JVN51410509/index.html • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2281
https://notcve.org/view.php?id=CVE-2017-2281
WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. Las versiones 3.00 y anteriores del firmware WN-AX1167GR permiten a los atacantes ejecutar comandos arbitrarios del sistema operativo utilizando vectores no especificados. • http://www.iodata.jp/support/information/2017/wn-ax1167gr https://jvn.jp/en/jp/JVN01312667/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2280
https://notcve.org/view.php?id=CVE-2017-2280
WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device. Las versiones 3.00 y anteriores del firmware WN-AX1167GR utilizan credenciales embebidas que pueden permitir a un atacante acceder al dispositivo para ejecutar código arbitrario en él. • http://www.iodata.jp/support/information/2017/wn-ax1167gr https://jvn.jp/en/jp/JVN01312667/index.html • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2017-2223
https://notcve.org/view.php?id=CVE-2017-2223
Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS-WLCE, TS-WRLC firmware version 1.19 and earlier and TS-WPTCAM2 firmware version 1.01 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS-WLCE, TS-WRLC con versiones de firmware 1.19 y anteriores y TS-WPTCAM2 con versiones de firmware 1.01 y anteriores permite que atacantes remotos secuestren la autenticación de los administradores mediante vectores sin especificar. • http://www.iodata.jp/support/information/2017/camera201706 http://www.securityfocus.com/bid/99144 https://jvn.jp/en/jp/JVN65411235/index.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7806
https://notcve.org/view.php?id=CVE-2016-7806
I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. El dispositivo I-O DATA WFS-SR01 con firmware versión 1.10 y versiones anteriores permite a atacantes remotos ejecutar comandos de SO arbitrarios a través de vectores no especificados. • http://www.iodata.jp/support/information/2016/wfs-sr01 http://www.securityfocus.com/bid/94089 https://jvn.jp/en/jp/JVN18228200/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •