Vulnerabilities > Kddi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-2183 | OS Command Injection vulnerability in Kddi Home Spot Cube 2 Firmware V100/V101 HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings. | 5.2 |
| 2016-01-30 | CVE-2016-1141 | OS Command Injection vulnerability in Kddi Home Spot Cube Firmware 2.0 KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. | 6.5 |
| 2016-01-30 | CVE-2016-1140 | 7PK - Security Features vulnerability in Kddi Home Spot Cube Firmware 2.0 KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors. | 4.3 |
| 2016-01-30 | CVE-2016-1139 | Cross-Site Request Forgery (CSRF) vulnerability in Kddi Home Spot Cube Firmware 2.0 Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2016-01-30 | CVE-2016-1138 | Unspecified vulnerability in Kddi Home Spot Cube Firmware 2.0 CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors. network kddi | 4.3 |
| 2016-01-30 | CVE-2016-1137 | Unspecified vulnerability in Kddi Home Spot Cube Firmware 2.0 Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. network kddi | 5.8 |
| 2016-01-30 | CVE-2016-1136 | Cross-site Scripting vulnerability in Kddi Home Spot Cube Firmware 2.0 Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2007-07-11 | CVE-2007-3692 | Directory Traversal vulnerability in Kddi Ezfactory Download CGI 1.0 Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. | 7.8 |