Vulnerabilities > Iodata
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-02 | CVE-2017-2282 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iodata Wn-Ax1167Gr Firmware 3.00 Buffer overflow in WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. | 6.8 |
| 2017-08-02 | CVE-2017-2281 | OS Command Injection vulnerability in Iodata Wn-Ax1167Gr Firmware 3.00 WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 8.8 |
| 2017-08-02 | CVE-2017-2280 | Use of Hard-coded Credentials vulnerability in Iodata Wn-Ax1167Gr Firmware 3.00 WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device. | 8.8 |
| 2017-07-07 | CVE-2017-2223 | Cross-Site Request Forgery (CSRF) vulnerability in Iodata products Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS-WLCE, TS-WRLC firmware version 1.19 and earlier and TS-WPTCAM2 firmware version 1.01 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-06-09 | CVE-2016-7820 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service (DoS) or execute arbitrary code via unspecified vectors. | 7.2 |
| 2017-06-09 | CVE-2016-7819 | OS Command Injection vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. | 7.2 |
| 2017-06-09 | CVE-2016-7814 | Information Exposure vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors. | 7.5 |
| 2017-06-09 | CVE-2016-7807 | Improper Access Control vulnerability in Iodata Wfs-Sr01 Firmware 1.10 I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors. | 7.5 |
| 2017-06-09 | CVE-2016-7806 | OS Command Injection vulnerability in Iodata Wfs-Sr01 Firmware 1.10 I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. | 9.8 |
| 2017-04-28 | CVE-2017-2148 | Cross-site Scripting vulnerability in Iodata Wn-Ac1167Gr Firmware 1.04 Cross-site scripting vulnerability in WN-AC1167GR firmware version 1.04 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |