Vulnerabilities > NTT East

DATE CVE VULNERABILITY TITLE RISK
2022-03-31 CVE-2022-22986 OS Command Injection vulnerability in Ntt-East products
Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file.
low complexity
ntt-east CWE-78
8.8
2019-09-12 CVE-2019-5986 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cross-site request forgery (CSRF) vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver.
network
low complexity
ntt-east ntt-west CWE-352
8.8
2019-09-12 CVE-2019-5985 Cross-site Scripting vulnerability in multiple products
Cross-site scripting vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver.
network
low complexity
ntt-east ntt-west CWE-79
6.1
2018-06-26 CVE-2018-0563 Untrusted Search Path vulnerability in Ntt-East products
Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
ntt-east CWE-426
7.8
2018-01-26 CVE-2018-0507 Untrusted Search Path vulnerability in Ntt-East products
Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and earlier versions, FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.11 and earlier versions allow an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
ntt-east CWE-426
7.8
2017-12-01 CVE-2017-10874 Use of Insufficiently Random Values vulnerability in Ntt-East Pwr-Q200 Firmware
PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks.
network
low complexity
ntt-east CWE-330
7.5
2016-07-03 CVE-2016-1228 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the authentication of arbitrary users.
network
low complexity
ntt-west ntt-east CWE-352
8.8
2016-07-03 CVE-2016-1227 NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
network
low complexity
ntt-east ntt-west
7.2