Vulnerabilities > Iodata

DATE CVE VULNERABILITY TITLE RISK
2020-01-27 CVE-2019-19823 Insufficiently Protected Credentials vulnerability in multiple products
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file.
5.0
2020-01-27 CVE-2019-19822 Missing Authentication for Critical Function vulnerability in multiple products
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords).
5.0
2018-09-07 CVE-2018-0663 Use of Hard-coded Credentials vulnerability in Iodata products
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector.
network
low complexity
iodata CWE-798
critical
9.0
2018-09-07 CVE-2018-0662 Unspecified vulnerability in Iodata products
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to add malicious files on the device and execute arbitrary code.
local
low complexity
iodata
7.2
2018-09-07 CVE-2018-0661 Unspecified vulnerability in Iodata products
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.
low complexity
iodata
8.3
2018-02-08 CVE-2018-0512 OS Command Injection vulnerability in Iodata products
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC.
low complexity
iodata CWE-78
7.7
2017-11-13 CVE-2017-10875 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iodata LAN Disk Connect Firmware
I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacker to cause a denial of service in the application via unspecified vectors.
network
low complexity
iodata CWE-119
5.0
2017-08-02 CVE-2017-2283 Use of Hard-coded Credentials vulnerability in Iodata Wn-G300R3 Firmware
WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.
low complexity
iodata CWE-798
5.8
2017-08-02 CVE-2017-2282 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iodata Wn-Ax1167Gr Firmware 3.00
Buffer overflow in WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary commands via unspecified vectors.
low complexity
iodata CWE-119
5.2
2017-08-02 CVE-2017-2281 OS Command Injection vulnerability in Iodata Wn-Ax1167Gr Firmware 3.00
WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
low complexity
iodata CWE-78
8.3