Vulnerabilites related to iodata - hvl-ata
Vulnerability from fkie_nvd
Published
2018-02-08 14:29
Modified
2024-11-21 03:38
Severity ?
Summary
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | http://www.iodata.jp/support/information/2018/magicalfinder/ | Vendor Advisory | |
| vultures@jpcert.or.jp | https://jvn.jp/en/jp/JVN36048131/index.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iodata.jp/support/information/2018/magicalfinder/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/jp/JVN36048131/index.html | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-xr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3698D733-7250-47B0-BEC4-6C2D7776BFA5",
"versionEndIncluding": "2.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-xr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE1145E3-44CB-4577-B8E9-050CF29B906E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-xrw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1721272F-2750-4CDB-BC07-89732FCA751D",
"versionEndIncluding": "2.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-xrw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80B3105D-DFBD-4A6C-894B-851E383A9183",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-xr2u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7121787A-D838-4E9A-833A-40D9B404315D",
"versionEndIncluding": "2.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-xr2u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1354F1-694F-46DF-9758-714122E1FDD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-xr2uw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E1996B0-F04C-4AA4-98CF-0F575A4FAFA2",
"versionEndIncluding": "2.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-xr2uw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF872E7-62B0-4750-A4BD-4065AD233415",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-xv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E58D40CF-F133-4126-A5B3-42E3D33937CA",
"versionEndIncluding": "1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-xv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5547281C-17A2-4F71-9FF8-A4C929A3C8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-xvw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "204C6539-EA12-4C45-80C6-4381B03AB385",
"versionEndIncluding": "1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-xvw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03384111-A901-468B-97B1-60CA37220AD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-gt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F20F2FC9-97DD-4DA4-97C3-99896E93F530",
"versionEndIncluding": "1.37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6BC6D9-75B0-4F7C-87BD-5C9C456ABEFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-gtr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A924211-8F20-4279-819F-A087F0D503B1",
"versionEndIncluding": "1.37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-gtr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B02AAD82-7185-40E1-B796-D75B37ED2925",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B42C6B44-CD95-4264-B8D0-C4E01DDB348A",
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5CCE34-DB35-49D8-AA47-F37627BF67B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-ah_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F177EF31-5617-4EFF-9411-DB6A3DE1862A",
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-ah:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F66C74-4293-40AB-A1C4-CFEEDA915335",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl2-a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0207A8CE-E0EE-49F7-84CB-B6A1F01CECDC",
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl2-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70B682C2-10B5-4966-BCB8-4C3C3BDF79A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl2-ah_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "763513D6-591E-472E-9C69-7C727D4E90DA",
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl2-ah:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B48C07B-E168-4982-933F-6719F97AFB7E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D75AF31-408D-4B13-AC5A-B0F7BE9EE4F7",
"versionEndIncluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6FF579-2394-43B6-AF4D-1B475ABBDFC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hls-c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "839BB324-7C46-4240-85BC-CD472B50A17A",
"versionEndIncluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hls-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "238FF69A-435C-40DD-AAA8-F4D210E82603",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hvl-a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B14E487-0176-4585-AC5D-9AFE44FAF4CC",
"versionEndIncluding": "2.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hvl-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927A3308-4783-4D2A-9CBF-CE411EF3D8DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hvl-at_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81D772A1-DA9F-4C42-8FEF-59E4C46AA75A",
"versionEndIncluding": "2.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hvl-at:-:*:*:*:*:*:*:*",
"matchCriteriaId": "614E688B-397B-4D7D-8B4A-B0117442CC54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hvl-ata_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "028A5633-2C41-44A7-B5B6-CBE9628BF302",
"versionEndIncluding": "2.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hvl-ata:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F1C65E8-AF07-49D9-A3DF-FD57EF7C1AAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hvl-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "563DB4AE-7281-44D6-94C3-2ADC563CD48A",
"versionEndIncluding": "1.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hvl-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86CD9174-0A04-4773-A92D-326D0183208A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hfas1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9589C47D-6127-478F-8EC2-7BA35E74DD18",
"versionEndIncluding": "1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hfas1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D20F68D6-D582-4A1E-AFC0-C8B4857DFC15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:whg-napg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14AF2E13-2F21-4EA2-93BB-02A7D22A4F80",
"versionEndIncluding": "1.08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:whg-napg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5665EC8E-03BC-40A8-B94C-6FEDA04AD704",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:whg-napga_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C4399B-56AC-40A2-BC41-75800653A636",
"versionEndIncluding": "1.08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:whg-napga:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E69B8575-E4D7-44B1-9998-ADA0B10F4CF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:whg-napgal_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA95ED54-D7A3-47A3-B317-767B3C606609",
"versionEndIncluding": "1.05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:whg-napgal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234A5B5A-85F0-4D65-8FC1-8625C6B6EED4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:whg-ac1750a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8A3FE2-994C-4053-B92C-D3E5AA50448B",
"versionEndIncluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:whg-ac1750a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99BB57E1-03ED-463D-BB43-FD1D08B0B509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:whg-ac1750_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D6354EA-CA34-4191-A50B-62BB814D2437",
"versionEndIncluding": "1.07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:whg-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7468BE5-154F-4BE7-9592-72F5260AF194",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:whg-ac1750al_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B66B09EA-7B19-4049-9C1C-72D03D9C9C02",
"versionEndIncluding": "1.07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:whg-ac1750al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8001A2-4E0A-4667-A4EB-1CC82F982FD9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-ax1167gr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15FA55F9-7855-4E36-B1BD-D14CEDCBD3F5",
"versionEndIncluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-ax1167gr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A23CDC37-9491-4534-96E3-42654BB49BEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-gx300gr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35749AD9-2684-4161-BBAE-B5C9AD8D6044",
"versionEndIncluding": "2.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-gx300gr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75F981BF-E420-44B3-B5CE-C92C543CA5B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wnpr2600g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36ABAC36-AC8C-48F3-8A03-188246B6A7A5",
"versionEndIncluding": "1.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wnpr2600g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03A28CB9-ED2E-44A3-911A-0592AA5AB41F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wnpr1750g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66944278-23D7-4EE0-8782-9305D90C6DCA",
"versionEndIncluding": "1.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wnpr1750g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69F17C83-F1BE-4329-82B3-CD4BD8A44543",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wnpr1167g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7135168C-F865-40F3-A549-64432DFC9478",
"versionEndIncluding": "1.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wnpr1167g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04E8100B-5C39-4C43-8CD4-B9256AAA7059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wnpr1167f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "594B2FF1-3F87-43FF-92BB-AE0F9AB1D6C3",
"versionEndIncluding": "1.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wnpr1167f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E5DCA76-5D1F-4CE2-9828-7572C8764C63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-ag750dgr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EC880B4-A2F7-4E90-9DEB-AB11C8D5DD2A",
"versionEndIncluding": "1.08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-ag750dgr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20D3B80C-E9A8-4582-A13E-C45518DB4500",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-g300r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D22F336-71D3-452F-91E2-7AD18DF6AC27",
"versionEndIncluding": "1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-g300r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB90734-00AB-4C53-A082-D89BD5F17864",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-g300r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6531939-3E97-4510-8874-3CEB830F24D3",
"versionEndIncluding": "1.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-g300r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "185631B5-C854-4476-9061-539C67A63E58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-ag300dgr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "290E3365-BB7C-4FED-8661-4B8CBCEC4F92",
"versionEndIncluding": "1.05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-ag300dgr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9CFDCC-9352-4D59-AD0F-2E5C059F261A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-ac1600dgr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ACE4EAE-0852-4DC4-9249-9D3193E43B0B",
"versionEndIncluding": "2.06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-ac1600dgr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A65FCD2-A330-4E20-BCA3-938E6888340F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-ac1167dgr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B88B4DF7-1937-4838-8F81-4547DA0F3740",
"versionEndIncluding": "1.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-ac1167dgr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B458EA0-B9B6-413C-984D-8DCFD077A718",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-g300ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B418C4C-ED68-47EF-8E8A-2C106CECD3FC",
"versionEndIncluding": "1.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-g300ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4287E925-BA6A-4FCE-9672-E6D984C0B02E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-ac1300ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51947891-086A-4ADA-9525-84BCAF76E83D",
"versionEndIncluding": "1.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-ac1300ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8E6699-544F-417A-B670-5802E7A8DC4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-ac583trk_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB5CB44-920B-4593-9031-F91F6C7F6DB3",
"versionEndIncluding": "1.05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-ac583trk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB0FFAA-D855-4A4D-85EF-5778A47BEF75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-ac583rk_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F631AC8-3616-4BCF-8BF3-52895814CBEB",
"versionEndIncluding": "1.06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-ac583rk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043686DF-58D7-455B-8432-80D33F087746",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:wn-g300sr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E1174F-F101-4A58-A3DA-4400988D1B56",
"versionEndIncluding": "1.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:wn-g300sr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3251513-33CD-4C5F-A75B-1FB39DD649AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:bx-vp1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73068C3B-EF6A-4412-8B9D-FA161DFC56F1",
"versionEndIncluding": "2.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:bx-vp1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E46835FB-1D53-4CDA-A4D7-BA83E89E8B50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:gv-ntx1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98F5BB64-F6A4-4E3A-AE25-5DF8D3435067",
"versionEndIncluding": "1.02.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:gv-ntx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89C160E5-ED96-46F3-BF09-70DE23F743F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:gv-ntx2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21B371A5-6509-4BCB-A48F-CC89322ACA4C",
"versionEndIncluding": "1.02.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:gv-ntx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62F8470D-3AF8-4806-90DE-C69BBAE3F65D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Devices with IP address setting tool \"MagicalFinder\" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors."
},
{
"lang": "es",
"value": "Los dispositivos con la herramienta de configuraci\u00f3n de direcciones IP MagicalFinder proporcionada por I-O DATA DEVICE, INC. permiten que atacantes autenticados ejecuten comandos arbitrarios del sistema operativo mediante vectores sin especificar."
}
],
"id": "CVE-2018-0512",
"lastModified": "2024-11-21T03:38:23.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-08T14:29:00.213",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-24 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | http://jvn.jp/en/jp/JVN35062083/index.html | Third Party Advisory | |
| vultures@jpcert.or.jp | http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134 | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | http://www.iodata.jp/support/information/2016/hvl-a_csrf/ | Vendor Advisory | |
| vultures@jpcert.or.jp | http://www.securityfocus.com/bid/92352 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/en/jp/JVN35062083/index.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iodata.jp/support/information/2016/hvl-a_csrf/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92352 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| iodata | hvl-a2.0_firmware | 2.03 | |
| iodata | hvl-a3.0_firmware | 2.03 | |
| iodata | hvl-a4.0_firmware | 2.03 | |
| iodata | hvl-at1.0s_firmware | 2.03 | |
| iodata | hvl-at2.0_firmware | 2.03 | |
| iodata | hvl-at2.0a_firmware | 2.03 | |
| iodata | hvl-at3.0_firmware | 2.03 | |
| iodata | hvl-at3.0a_firmware | 2.03 | |
| iodata | hvl-at4.0_firmware | 2.03 | |
| iodata | hvl-at4.0a_firmware | 2.03 | |
| iodata | hvl-a | - | |
| iodata | hvl-at | - | |
| iodata | hvl-ata | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hvl-a2.0_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9275CD-D9BD-4A85-A845-17DF7D2BA952",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:iodata:hvl-a3.0_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDCADFD-76D9-4D50-AFB5-AF60B29D17EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:iodata:hvl-a4.0_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DCFD9B-69B6-4E75-BC04-E77BE1FD62A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:iodata:hvl-at1.0s_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "29D11353-ABF6-41B4-A2CA-0CED6F8C92AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:iodata:hvl-at2.0_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "8432FFA2-6501-4506-8C54-585A0C115779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:iodata:hvl-at2.0a_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "19D630D7-C735-4CCB-B77B-47BD98877266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:iodata:hvl-at3.0_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "34E8413F-0965-44FB-9D9D-1D6CD70E02B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:iodata:hvl-at3.0a_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D44FAF7B-D368-4BC6-A3F3-40731852F120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:iodata:hvl-at4.0_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2079ED-DC64-43C3-8B64-DEF967D4C524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:iodata:hvl-at4.0a_firmware:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "FA18213F-F5A2-40BA-99CC-A2A27FBDEF91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hvl-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927A3308-4783-4D2A-9CBF-CE411EF3D8DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:iodata:hvl-at:-:*:*:*:*:*:*:*",
"matchCriteriaId": "614E688B-397B-4D7D-8B4A-B0117442CC54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:iodata:hvl-ata:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F1C65E8-AF07-49D9-A3DF-FD57EF7C1AAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content."
},
{
"lang": "es",
"value": "Vulnerabilidad de CSRF en dispositivos I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A y HVL-AT4.0A con firmware en versiones anteriores a 2.04 permite a atacantes remotos secuestrar la autenticaci\u00f3n de usuarios arbitrarios para peticiones de borrado de contenido."
}
],
"id": "CVE-2016-4845",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-24T10:59:01.243",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN35062083/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iodata.jp/support/information/2016/hvl-a_csrf/"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/92352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN35062083/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iodata.jp/support/information/2016/hvl-a_csrf/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92352"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-0512 (GCVE-0-2018-0512)
Vulnerability from cvelistv5
Published
2018-02-08 14:00
Modified
2024-08-05 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- OS Command Injection
Summary
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jvn.jp/en/jp/JVN36048131/index.html | third-party-advisory, x_refsource_JVN | |
| http://www.iodata.jp/support/information/2018/magicalfinder/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| I-O DATA DEVICE, INC. | IP address setting tool "MagicalFinder" |
Version: all versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:11.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#36048131",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IP address setting tool \"MagicalFinder\"",
"vendor": "I-O DATA DEVICE, INC.",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"datePublic": "2018-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Devices with IP address setting tool \"MagicalFinder\" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-08T13:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#36048131",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IP address setting tool \"MagicalFinder\"",
"version": {
"version_data": [
{
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "I-O DATA DEVICE, INC."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Devices with IP address setting tool \"MagicalFinder\" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#36048131",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"name": "http://www.iodata.jp/support/information/2018/magicalfinder/",
"refsource": "CONFIRM",
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0512",
"datePublished": "2018-02-08T14:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-08-05T03:28:11.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4845 (GCVE-0-2016-4845)
Vulnerability from cvelistv5
Published
2016-09-24 10:00
Modified
2024-08-06 00:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.iodata.jp/support/information/2016/hvl-a_csrf/ | x_refsource_CONFIRM | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134 | third-party-advisory, x_refsource_JVNDB | |
| http://www.securityfocus.com/bid/92352 | vdb-entry, x_refsource_BID | |
| http://jvn.jp/en/jp/JVN35062083/index.html | third-party-advisory, x_refsource_JVN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:39:26.305Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.iodata.jp/support/information/2016/hvl-a_csrf/"
},
{
"name": "JVNDB-2016-000134",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134"
},
{
"name": "92352",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92352"
},
{
"name": "JVN#35062083",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN35062083/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.iodata.jp/support/information/2016/hvl-a_csrf/"
},
{
"name": "JVNDB-2016-000134",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134"
},
{
"name": "92352",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92352"
},
{
"name": "JVN#35062083",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN35062083/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.iodata.jp/support/information/2016/hvl-a_csrf/",
"refsource": "CONFIRM",
"url": "http://www.iodata.jp/support/information/2016/hvl-a_csrf/"
},
{
"name": "JVNDB-2016-000134",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134"
},
{
"name": "92352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92352"
},
{
"name": "JVN#35062083",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN35062083/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4845",
"datePublished": "2016-09-24T10:00:00",
"dateReserved": "2016-05-17T00:00:00",
"dateUpdated": "2024-08-06T00:39:26.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201802-0652
Vulnerability from variot
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors. Multiple I-O DATA network devices that incorporate "MagicalFinder" contain an OS command injection vulnerability (CWE-78). Taizo Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An attacker who can log in the affected device may execute an arbitrary OS command. I-ODATADEVICEHDL-XR/XRWseries and so on are different series of network attached storage devices of Japan I-ODATADEVICE. There are operating system command injection vulnerabilities in MagicalFinder in several I-ODATADEVICE products. The following products and versions are affected: HDL-XR/XRW series with firmware version 2.01 and earlier; HDL-XR2U/XR2UW series with firmware version 2.01 and earlier; HDL-XV/XVW series with firmware version 1.50 and earlier; HDL-GT series with firmware version 1.37 and earlier; HDL-GTR series with firmware version earlier than 1.37, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-0652",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hdl-gtr",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.37"
},
{
"model": "hdl-ah",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.26"
},
{
"model": "hdl-xvw",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.50"
},
{
"model": "whg-ac1750a",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "3.00"
},
{
"model": "wn-g300sr",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.00"
},
{
"model": "wn-g300r",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.14"
},
{
"model": "gv-ntx2",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.02.00"
},
{
"model": "hdl2-ah",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.26"
},
{
"model": "wnpr1167g",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.00"
},
{
"model": "hdl2-a",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.26"
},
{
"model": "wn-ag300dgr",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.05"
},
{
"model": "hdl-xr2uw",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.01"
},
{
"model": "wn-gx300gr",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.00"
},
{
"model": "whg-ac1750",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.07"
},
{
"model": "wn-ac1600dgr",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.06"
},
{
"model": "hdl-a",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.26"
},
{
"model": "wn-ax1167gr",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "3.11"
},
{
"model": "hdl-xr",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.01"
},
{
"model": "hdl-xv",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.50"
},
{
"model": "bx-vp1",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.01"
},
{
"model": "wn-ac583rk",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.06"
},
{
"model": "wn-ac1167dgr",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.02"
},
{
"model": "wnpr1167f",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.00"
},
{
"model": "hdl-xr2u",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.01"
},
{
"model": "wn-ac1300ex",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.02"
},
{
"model": "hls-c",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.12"
},
{
"model": "wn-ag750dgr",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.08"
},
{
"model": "hvl-ata",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.04"
},
{
"model": "hdl-xrw",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.01"
},
{
"model": "wnpr2600g",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.01"
},
{
"model": "whg-napg",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.08"
},
{
"model": "hvl-s",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.00"
},
{
"model": "wn-g300ex",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.01"
},
{
"model": "hvl-at",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.04"
},
{
"model": "hdl-gt",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.37"
},
{
"model": "whg-napgal",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.05"
},
{
"model": "hfas1",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.40"
},
{
"model": "whg-napga",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.08"
},
{
"model": "whg-ac1750al",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.07"
},
{
"model": "hvl-a",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "2.04"
},
{
"model": "wnpr1750g",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.01"
},
{
"model": "gv-ntx1",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.02.00"
},
{
"model": "wn-g300r3",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.04"
},
{
"model": "wn-ac583trk",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.05"
},
{
"model": "hdl-t",
"scope": "lte",
"trust": 1.0,
"vendor": "iodata",
"version": "1.12"
},
{
"model": "bx-vp1",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.01"
},
{
"model": "gv-ntx1",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.02.00"
},
{
"model": "gv-ntx2",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.02.00"
},
{
"model": "hdl-a series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.26"
},
{
"model": "hdl-ah series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.26"
},
{
"model": "hdl-gt series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.37"
},
{
"model": "hdl-gtr series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.37"
},
{
"model": "hdl-t series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.12"
},
{
"model": "hdl-xr series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.01"
},
{
"model": "hdl-xr2u series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.01"
},
{
"model": "hdl-xr2uw series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.01"
},
{
"model": "hdl-xrw series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.01"
},
{
"model": "hdl-xv series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.50"
},
{
"model": "hdl-xvw series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.50"
},
{
"model": "hdl2-a series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.26"
},
{
"model": "hdl2-ah series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.26"
},
{
"model": "hfas1 series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.40"
},
{
"model": "hls-c series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.12"
},
{
"model": "hvl-a series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.04"
},
{
"model": "hvl-at series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.04"
},
{
"model": "hvl-ata series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.04"
},
{
"model": "hvl-s series",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.00"
},
{
"model": "whg-ac1750/a",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 3.00"
},
{
"model": "whg-ac1750/al",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.07"
},
{
"model": "whg-napg/a",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.08"
},
{
"model": "whg-napg/al",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.05"
},
{
"model": "wn-ac1167dgr",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.02"
},
{
"model": "wn-ac1300ex",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.02"
},
{
"model": "wn-ac1600dgr",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.06"
},
{
"model": "wn-ac583rk",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.06"
},
{
"model": "wn-ac583trk",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.05"
},
{
"model": "wn-ag300dgr",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.05"
},
{
"model": "wn-ag750dgr",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.08"
},
{
"model": "wn-ax1167gr",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 3.11"
},
{
"model": "wn-g300ex",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.01"
},
{
"model": "wn-g300r",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.14"
},
{
"model": "wn-g300r3",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.04"
},
{
"model": "wn-g300sr",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.00"
},
{
"model": "wn-gx300gr",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 2.00"
},
{
"model": "wnpr1167f",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.00"
},
{
"model": "wnpr1167g",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.00"
},
{
"model": "wnpr1750g",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.01"
},
{
"model": "wnpr2600g",
"scope": "lte",
"trust": 0.8,
"vendor": "i o data device",
"version": "firmware version 1.01"
},
{
"model": "hdl-gtr series",
"scope": "lte",
"trust": 0.6,
"vendor": "i o data device",
"version": "\u003c=1.37"
},
{
"model": "hdl-gt series",
"scope": "lte",
"trust": 0.6,
"vendor": "i o data device",
"version": "\u003c=1.37"
},
{
"model": "hdl-xv/xvw series",
"scope": "lte",
"trust": 0.6,
"vendor": "i o data device",
"version": "\u003c=1.50"
},
{
"model": "hdl-xr2u/xr2uw series",
"scope": "lte",
"trust": 0.6,
"vendor": "i o data device",
"version": "\u003c=2.0.1"
},
{
"model": "hdl-xr/xrw series",
"scope": "lte",
"trust": 0.6,
"vendor": "i o data device",
"version": "\u003c=2.01"
},
{
"model": "wn-ac1600dgr",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "2.06"
},
{
"model": "wn-g300r",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "1.14"
},
{
"model": "wn-ac1300ex",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "1.02"
},
{
"model": "wn-g300r3",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "1.04"
},
{
"model": "wn-ag300dgr",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "1.05"
},
{
"model": "wn-ac1167dgr",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "1.02"
},
{
"model": "wn-ac583trk",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "1.05"
},
{
"model": "wn-g300sr",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "1.00"
},
{
"model": "wn-g300ex",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "1.01"
},
{
"model": "wn-ac583rk",
"scope": "eq",
"trust": 0.6,
"vendor": "iodata",
"version": "1.06"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-259"
},
{
"db": "NVD",
"id": "CVE-2018-0512"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:i-o_data_device:bx-vp1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:gv-ntx1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:gv-ntx2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-ah",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-gt",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-gtr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-t",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-xr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-xr2u",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-xr2uw",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-xrw",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-xv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl-xvw",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl2-a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hdl2-ah",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hfas1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hls-c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hvl-a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hvl-at",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hvl-ata",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:hvl-s",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:whg-ac1750a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:whg-ac1750%2fal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:whg-napga",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:whg-napgal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-ac1167dgr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-ac1300ex",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-ac1600dgr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-ac583rk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-ac583trk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-ag300dgr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-ag750dgr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-ax1167gr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-g300ex",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-g300r",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-g300r3",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-g300sr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wn-gx300gr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wnpr1167f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wnpr1167g",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wnpr1750g",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:i-o_data_device:wnpr2600g",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
}
]
},
"cve": "CVE-2018-0512",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CVE-2018-0512",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-000007",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2018-05725",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "VHN-118714",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-0512",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-000007",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-0512",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2018-000007",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-05725",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201802-259",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-118714",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"db": "VULHUB",
"id": "VHN-118714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-259"
},
{
"db": "NVD",
"id": "CVE-2018-0512"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Devices with IP address setting tool \"MagicalFinder\" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors. Multiple I-O DATA network devices that incorporate \"MagicalFinder\" contain an OS command injection vulnerability (CWE-78). Taizo Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An attacker who can log in the affected device may execute an arbitrary OS command. I-ODATADEVICEHDL-XR/XRWseries and so on are different series of network attached storage devices of Japan I-ODATADEVICE. There are operating system command injection vulnerabilities in MagicalFinder in several I-ODATADEVICE products. The following products and versions are affected: HDL-XR/XRW series with firmware version 2.01 and earlier; HDL-XR2U/XR2UW series with firmware version 2.01 and earlier; HDL-XV/XVW series with firmware version 1.50 and earlier; HDL-GT series with firmware version 1.37 and earlier; HDL-GTR series with firmware version earlier than 1.37, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0512"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"db": "VULHUB",
"id": "VHN-118714"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-0512",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVN36048131",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-000007",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201802-259",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-05725",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-118714",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"db": "VULHUB",
"id": "VHN-118714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-259"
},
{
"db": "NVD",
"id": "CVE-2018-0512"
}
]
},
"id": "VAR-201802-0652",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"db": "VULHUB",
"id": "VHN-118714"
}
],
"trust": 1.4824074111111112
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05725"
}
]
},
"last_update_date": "2024-11-23T22:48:46.962000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "I-O DATA DEVICE, INC. website",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
},
{
"title": "A variety of I-ODATADEVICE products MagicalFinder operating system command injection vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/122133"
},
{
"title": "Multiple I-O DATA DEVICE product MagicalFinder Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78373"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-259"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"db": "NVD",
"id": "CVE-2018-0512"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://jvn.jp/en/jp/jvn36048131/index.html"
},
{
"trust": 1.7,
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0512"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0512"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"db": "VULHUB",
"id": "VHN-118714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-259"
},
{
"db": "NVD",
"id": "CVE-2018-0512"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"db": "VULHUB",
"id": "VHN-118714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-259"
},
{
"db": "NVD",
"id": "CVE-2018-0512"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"date": "2018-02-08T00:00:00",
"db": "VULHUB",
"id": "VHN-118714"
},
{
"date": "2018-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"date": "2018-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-259"
},
{
"date": "2018-02-08T14:29:00.213000",
"db": "NVD",
"id": "CVE-2018-0512"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-05725"
},
{
"date": "2018-03-06T00:00:00",
"db": "VULHUB",
"id": "VHN-118714"
},
{
"date": "2018-04-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-000007"
},
{
"date": "2018-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-259"
},
{
"date": "2024-11-21T03:38:23.193000",
"db": "NVD",
"id": "CVE-2018-0512"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-259"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple I-O DATA network devices incorporating \"MagicalFinder\" vulnerable to OS command injection",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-000007"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-259"
}
],
"trust": 0.6
}
}