CVE-2018-0663

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
iodatats-wrlp_firmware
𝑥
≤ 1.09.04
iodatats-wrlp\/e_firmware
𝑥
≤ 1.09.04
iodatats-wrla_firmware
𝑥
≤ 1.09.04
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN83701666/index.html
http://www.iodata.jp/support/information/2018/ts-wrlp/
http://jvn.jp/en/jp/JVN83701666/index.html
http://www.iodata.jp/support/information/2018/ts-wrlp/