CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4821
https://notcve.org/view.php?id=CVE-2016-4821
19 Jun 2016 — I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors. Dispositivos I-O DATA DEVICE ETX-R permiten a atacantes remotos provocar una denegación de servicio (caída del servidor web) a través de vectores no especificados. • http://jvn.jp/en/jp/JVN96052093/index.html •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-1206
https://notcve.org/view.php?id=CVE-2016-1206
14 May 2016 — The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S, and WN-GDN/R3-U devices does not limit PIN guesses, which allows remote attackers to obtain network access via a brute-force attack. La implementación WPS en dispositivos I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S y WN-GDN/R3-U no limita conjeturas de PIN, lo que permite a atacantes remotos obtener acceso a la red a través de un ataque de fuerza bruta. • http://jvn.jp/en/jp/JVN25674893/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1207
https://notcve.org/view.php?id=CVE-2016-1207
14 May 2016 — Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en dispositivos I-O DATA DEVICE WN-G300R con firmware 1.12 y versiones anteriores, dispositivos WN-G300R2 con firmware 1.12 y versiones anteriores, y dispositivos WN-G300R3 con fir... • http://jvn.jp/en/jp/JVN22978346/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2984
https://notcve.org/view.php?id=CVE-2015-2984
22 Aug 2015 — I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBRS routers allow remote attackers to cause a denial of service (SSDP reflection) via UPnP requests. Vulnerabilidad en routers I-O DATA DEVICE WN-G con firmware anterior a 1.03 y en routers NP-BBRS permite a atacantes remotos causar una denegación de servicio (SSDP reflection) a través de peticiones UPnP. • http://jvn.jp/en/jp/JVN17964918/index.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 12EXPL: 0CVE-2014-3895
https://notcve.org/view.php?id=CVE-2014-3895
29 Jul 2014 — The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmware 1.06 and earlier, TS-WPTCAM camera with firmware 1.08 and earlier, TS-PTCAM camera with firmware 1.08 and earlier, TS-PTCAM/POE camera with firmware 1.08 and earlier, and TS-WLC2 camera with firmware 1.02 and earlier allow remote attackers to bypass authentication, and consequently obtain sensitive credential and configuration data, via unspecified vectors. La camera I-O DATA TS-WLCAM con firmware 1.06 y anteriores,... • http://jvn.jp/en/jp/JVN94592501/index.html • CWE-287: Improper Authentication •
CVSS: 5.4EPSS: 0%CPEs: 12EXPL: 0CVE-2013-4713
https://notcve.org/view.php?id=CVE-2013-4713
01 Nov 2013 — Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad cross-site scripting (XSS) en I-O DATA DEVICE RockDisk con el firmware anterior a 1.05e1-2.0.5 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://jvn.jp/en/jp/JVN74608669/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2013-4712
https://notcve.org/view.php?id=CVE-2013-4712
19 Oct 2013 — I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors. Dispositivos I-O DATA DEVICE HDL-A y HDL2-A con firmware 1.07 y anteriores no gestionan adecuadamente las sesiones, lo que permite a atacantes remotos obtener información sensible o modificar datos mediante vectores no especificados. • http://jvn.jp/en/jp/JVN52509236/225184/index.html • CWE-399: Resource Management Errors •