Описание
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.9 (включая)
Одновременно
cpe:2.3:o:toshiba:hem-gw16a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:toshiba:hem-gw16a:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.2.9 (включая)
Одновременно
cpe:2.3:o:toshiba:hem-gw26a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:toshiba:hem-gw26a:-:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00116
Низкий
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands.
EPSS
Процентиль: 31%
0.00116
Низкий
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-798