Vulnerabilities > Iodata
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-14 | CVE-2023-29804 | OS Command Injection vulnerability in Iodata Wfs-Sr03K Firmware and Wfs-Sr03W Firmware WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the sys_smb_pwdmod function. | 8.8 |
| 2023-04-14 | CVE-2023-29805 | OS Command Injection vulnerability in Iodata Wfs-Sr03K Firmware and Wfs-Sr03W Firmware WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the pro_stor_canceltrans_handler_part_19 function. | 9.8 |
| 2020-01-27 | CVE-2019-19823 | Insufficiently Protected Credentials vulnerability in multiple products A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. | 7.5 |
| 2020-01-27 | CVE-2019-19822 | Missing Authentication for Critical Function vulnerability in multiple products A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). | 7.5 |
| 2018-09-07 | CVE-2018-0663 | Use of Hard-coded Credentials vulnerability in Iodata products Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector. | 8.8 |
| 2018-09-07 | CVE-2018-0662 | Unspecified vulnerability in Iodata products Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to add malicious files on the device and execute arbitrary code. low complexity iodata | 6.8 |
| 2018-09-07 | CVE-2018-0661 | Unspecified vulnerability in Iodata products Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration. low complexity iodata | 8.8 |
| 2018-02-08 | CVE-2018-0512 | OS Command Injection vulnerability in Iodata products Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. | 6.8 |
| 2017-11-13 | CVE-2017-10875 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iodata LAN Disk Connect Firmware 2.02 I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacker to cause a denial of service in the application via unspecified vectors. | 7.5 |
| 2017-08-02 | CVE-2017-2283 | Use of Hard-coded Credentials vulnerability in Iodata Wn-G300R3 Firmware WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device. | 8.0 |