Описание
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.09.04 (включая)
Одновременно
cpe:2.3:o:iodata:ts-wrlp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:iodata:ts-wrlp:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.09.04 (включая)
Одновременно
cpe:2.3:o:iodata:ts-wrlp\/e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:iodata:ts-wrlp\/e:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 1.09.04 (включая)
Одновременно
cpe:2.3:o:iodata:ts-wrla_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:iodata:ts-wrla:-:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00608
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector.
EPSS
Процентиль: 69%
0.00608
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-798