CVE-2017-2133
https://notcve.org/view.php?id=CVE-2017-2133
SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en dispositivos de seguridad y control Panasonic KX-HJB1000 con firmware GHX1YG 14.50 o HJB1000_4.47 permite que atacantes autenticados ejecuten comandos SQL arbitrarios mediante vectores sin especificar. • http://www.securityfocus.com/bid/101583 https://jvn.jp/en/jp/JVN54795166 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2017-2131
https://notcve.org/view.php?id=CVE-2017-2131
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors. Los dispositivos de seguridad y control Panasonic KX-HJB1000 con firmware GHX1YG 14.50 o HJB1000_4.47 permiten que un atacante omita las restricciones de acceso y vea el menú de configuración mediante vectores sin especificar. • http://www.securityfocus.com/bid/101581 https://jvn.jp/en/jp/JVN54795166 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-2132
https://notcve.org/view.php?id=CVE-2017-2132
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors. Dispositivos Panasonic KX-HJB1000 Home con firmware GHX1YG 14.50 o HJB1000_4.47 permiten que un atacante elimine archivos arbitrarios en un directorio específico mediante vectores sin especificar. • http://www.securityfocus.com/bid/101584 https://jvn.jp/en/jp/JVN54795166 • CWE-20: Improper Input Validation •