The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on the SEIL/X1, SEIL/X2, and SEIL/B1 routers with firmware 1.00 through 2.73, when strict mode is used, does not properly drop packets, which might allow remote attackers to bypass intended access restrictions via a spoofed IP address.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | seil/x1_firmware | 1.21 |
| iij | seil/b1_firmware | 2.40 |
| iij | seil/x2_firmware | 2.60 |
| iij | seil/b1_firmware | 2.60 |
| iij | seil/x1_firmware | 2.10 |
| iij | seil/b1_firmware | 2.01 |
| iij | seil/x1_firmware | 2.72 |
| iij | seil/x2_firmware | 1.31 |
| iij | seil/x2_firmware | 2.50 |
| iij | seil/x1_firmware | 1.11 |
| iij | seil/x2_firmware | 1.21 |
| iij | seil/x2_firmware | 1.32 |
| iij | seil/x2_firmware | 2.63 |
| iij | seil/b1_firmware | 2.51 |
| iij | seil/x2_firmware | 2.61 |
| iij | seil/x1_firmware | 1.41 |
| iij | seil/x1_firmware | 1.40 |
| iij | seil/b1_firmware | 2.63 |
| iij | seil/x2_firmware | 1.43 |
| iij | seil/x2_firmware | 2.41 |
| iij | seil/x1_firmware | 1.30 |
| iij | seil/x2_firmware | 1.11 |
| iij | seil/x2_firmware | 2.52 |
| iij | seil/x1_firmware | 1.44 |
| iij | seil/b1_firmware | 2.52 |
| iij | seil/x1_firmware | 2.50 |
| iij | seil/x2_firmware | 1.22 |
| iij | seil/b1_firmware | 2.20 |
| iij | seil/x1_firmware | 2.61 |
| iij | seil/x2_firmware | 1.30 |
| iij | seil/x1_firmware | 2.41 |
| iij | seil/x1_firmware | 2.52 |
| iij | seil/x2_firmware | 2.40 |
| iij | seil/b1_firmware | 2.10 |
| iij | seil/x2_firmware | 1.20 |
| iij | seil/b1_firmware | 2.70 |
| iij | seil/x1_firmware | 1.20 |
| iij | seil/x1_firmware | 1.31 |
| iij | seil/x1_firmware | 2.42 |
| iij | seil/x1_firmware | 2.40 |
| iij | seil/x2_firmware | 1.41 |
| iij | seil/x1_firmware | 2.60 |
| iij | seil/x2_firmware | 2.10 |
| iij | seil/x2_firmware | 2.30 |
| iij | seil/x1_firmware | 2.30 |
| iij | seil/b1_firmware | 2.30 |
| iij | seil/x2_firmware | 2.51 |
| iij | seil/b1_firmware | 1.00 |
| iij | seil/x2_firmware | 2.42 |
| iij | seil/x2_firmware | 1.40 |
| iij | seil/x2_firmware | 2.70 |
| iij | seil/x2_firmware | 2.62 |
| iij | seil/b1_firmware | 2.61 |
| iij | seil/b1_firmware | 2.72 |
| iij | seil/b1_firmware | 2.50 |
| iij | seil/x1_firmware | 2.51 |
| iij | seil/b1_firmware | 2.62 |
| iij | seil/b1_firmware | 2.42 |
| iij | seil/x1_firmware | 1.32 |
| iij | seil/x2_firmware | 1.10 |
| iij | seil/x1_firmware | 1.22 |
| iij | seil/x1_firmware | 2.62 |
| iij | seil/x1_firmware | 2.73 |
| iij | seil/x2_firmware | 2.72 |
| iij | seil/x2_firmware | 2.20 |
| iij | seil/x1_firmware | 2.20 |
| iij | seil/x2_firmware | 1.00 |
| iij | seil/b1_firmware | 2.41 |
| iij | seil/x1_firmware | 1.10 |
| iij | seil/x1_firmware | 2.63 |
| iij | seil/x1_firmware | 2.70 |
| iij | seil/x2_firmware | 1.44 |
| iij | seil/x1_firmware | 1.43 |
Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware 1.00 through 1.61, SEIL/B1 with firmware 1.00 through 3.11, SEIL/X1 with firmware 1.00 through 3.11, SEIL/X2 with firmware 1.00 through 3.11, SEIL/Turbo with firmware 1.80 through 2.10, and SEIL/neu 2FE Plus with firmware 1.80 through 2.10 might allow remote attackers to execute arbitrary code via a PPPoE packet.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | seil/x1_firmware | 1.21 |
| iij | seil/b1_firmware | 2.40 |
| iij | seil/b1_firmware | 2.60 |
| iij | seil/neu_2fe_plus_firmware | 2.07 |
| iij | seil/turbo | * |
| iij | seil/b1_firmware | 2.01 |
| iij | seil/neu_2fe_plus_firmware | 1.82 |
| iij | seil/neu_2fe_plus_firmware | 1.80 |
| iij | seil/neu_2fe_plus_firmware | 1.91 |
| iij | seil/x1_firmware | 1.11 |
| iij | seil/b1_firmware | 2.75 |
| iij | seil/x2_firmware | 1.21 |
| iij | seil/b1_firmware | 3.02 |
| iij | seil/x2_firmware | 1.32 |
| iij | seil/x2_firmware | 2.63 |
| iij | seil/x2_firmware | 2.61 |
| iij | seil/b1_firmware | 3.01 |
| iij | seil/turbo_firmware | 1.83 |
| iij | seil/x1_firmware | 1.40 |
| iij | seil/b1_firmware | 2.63 |
| iij | seil/neu_2fe_plus_firmware | 1.85 |
| iij | seil/turbo_firmware | 1.95 |
| iij | seil/x2_firmware | 3.02 |
| iij | seil/neu_2fe_plus_firmware | 2.09 |
| iij | seil/turbo_firmware | 2.03 |
| iij | seil/x1_firmware | 3.02 |
| iij | seil/turbo_firmware | 2.04 |
| iij | seil/turbo_firmware | 1.93 |
| iij | seil/x2_firmware | 1.11 |
| iij | seil/x2_firmware | 2.52 |
| iij | seil/x1_firmware | 1.44 |
| iij | seil/x2_firmware | 1.22 |
| iij | seil/b1_firmware | 2.20 |
| iij | seil/turbo_firmware | 2.09 |
| iij | seil/neu_2fe_plus_firmware | 2.02 |
| iij | seil/x1_firmware | 2.41 |
| iij | seil/b1_firmware | 2.10 |
| iij | seil/x2_firmware | 2.75 |
| iij | seil/x2_firmware | 1.20 |
| iij | seil/b1_firmware | 2.70 |
| iij | seil/x1 | * |
| iij | seil/x1_firmware | 2.42 |
| iij | seil/x2_firmware | 2.74 |
| iij | seil/x2_firmware | 1.41 |
| iij | seil/x2_firmware | 2.73 |
| iij | seil/x2_firmware | 2.10 |
| iij | seil/turbo_firmware | 1.81 |
| iij | seil/x86_firmware | 1.00 |
| iij | seil/neu_2fe_plus_firmware | 2.05 |
| iij | seil/b1_firmware | 1.00 |
| iij | seil/b1 | * |
| iij | seil/turbo_firmware | 1.82 |
| iij | seil/x1_firmware | 2.75 |
| iij | seil/x2 | * |
| iij | seil/x2_firmware | 2.62 |
| iij | seil/turbo_firmware | 2.02 |
| iij | seil/x1_firmware | 2.51 |
| iij | seil/b1_firmware | 2.62 |
| iij | seil/b1_firmware | 2.42 |
| iij | seil/turbo_firmware | 1.85 |
| iij | seil/x2_firmware | 1.10 |
| iij | seil/x1_firmware | 1.22 |
| iij | seil/x1_firmware | 2.62 |
| iij | seil/b1_firmware | 2.74 |
| iij | seil/neu_2fe_plus_firmware | 1.99 |
| iij | seil/x1_firmware | 2.73 |
| iij | seil/x2_firmware | 2.20 |
| iij | seil/turbo_firmware | 1.96 |
| iij | seil/b1_firmware | 2.41 |
| iij | seil/x1_firmware | 2.70 |
| iij | seil/turbo_firmware | 2.01 |
| iij | seil/neu_2fe_plus_firmware | 2.03 |
| iij | seil/x2_firmware | 2.60 |
| iij | seil/neu_2fe_plus | * |
| iij | seil/x1_firmware | 2.10 |
| iij | seil/neu_2fe_plus_firmware | 1.98 |
| iij | seil/x1_firmware | 2.72 |
| iij | seil/b1_firmware | 2.73 |
| iij | seil/turbo_firmware | 2.05 |
| iij | seil/neu_2fe_plus_firmware | 1.96 |
| iij | seil/x2_firmware | 1.31 |
| iij | seil/x2_firmware | 2.50 |
| iij | seil/turbo_firmware | 2.00 |
| iij | seil/turbo_firmware | 1.99 |
| iij | seil/neu_2fe_plus_firmware | 2.06 |
| iij | seil/x1_firmware | 3.10 |
| iij | seil/turbo_firmware | 2.10 |
| iij | seil/b1_firmware | 2.51 |
| iij | seil/x2_firmware | 3.01 |
| iij | seil/x1_firmware | 1.41 |
| iij | seil/x1_firmware | 2.74 |
| iij | seil/x2_firmware | 1.43 |
| iij | seil/b1_firmware | 3.10 |
| iij | seil/x2_firmware | 2.41 |
| iij | seil/x2_firmware | 3.10 |
| iij | seil/x1_firmware | 1.30 |
| iij | seil/turbo_firmware | 1.80 |
| iij | seil/neu_2fe_plus_firmware | 1.81 |
| iij | seil/b1_firmware | 2.52 |
| iij | seil/x1_firmware | 2.50 |
| iij | seil/neu_2fe_plus_firmware | 1.90 |
| iij | seil/x1_firmware | 2.61 |
| iij | seil/x2_firmware | 1.30 |
| iij | seil/neu_2fe_plus_firmware | 1.93 |
| iij | seil/x1_firmware | 3.01 |
| iij | seil/x2_firmware | 3.11 |
| iij | seil/neu_2fe_plus_firmware | 1.83 |
| iij | seil/neu_2fe_plus_firmware | 2.04 |
| iij | seil/x1_firmware | 2.52 |
| iij | seil/x2_firmware | 2.40 |
| iij | seil/neu_2fe_plus_firmware | 1.84 |
| iij | seil/x1_firmware | 1.20 |
| iij | seil/x1_firmware | 1.31 |
| iij | seil/x86_firmware | 1.61 |
| iij | seil/turbo_firmware | 1.94 |
| iij | seil/neu_2fe_plus_firmware | 2.08 |
| iij | seil/x1_firmware | 1.00 |
| iij | seil/b1_firmware | 3.11 |
| iij | seil/x1_firmware | 3.11 |
| iij | seil/x1_firmware | 2.40 |
| iij | seil/turbo_firmware | 1.84 |
| iij | seil/turbo_firmware | 1.91 |
| iij | seil/x1_firmware | 2.60 |
| iij | seil/x2_firmware | 2.30 |
| iij | seil/x1_firmware | 2.30 |
| iij | seil/b1_firmware | 2.30 |
| iij | seil/neu_2fe_plus_firmware | 2.01 |
| iij | seil/x2_firmware | 2.51 |
| iij | seil/neu_2fe_plus_firmware | 1.92 |
| iij | seil/turbo_firmware | 2.08 |
| iij | seil/x2_firmware | 2.42 |
| iij | seil/x2_firmware | 1.40 |
| iij | seil/turbo_firmware | 1.92 |
| iij | seil/x2_firmware | 2.70 |
| iij | seil/x86 | * |
| iij | seil/b1_firmware | 2.61 |
| iij | seil/b1_firmware | 2.72 |
| iij | seil/turbo_firmware | 1.90 |
| iij | seil/b1_firmware | 2.50 |
| iij | seil/neu_2fe_plus_firmware | 1.94 |
| iij | seil/x1_firmware | 1.32 |
| iij | seil/turbo_firmware | 2.06 |
| iij | seil/turbo_firmware | 2.07 |
| iij | seil/turbo_firmware | 1.98 |
| iij | seil/x2_firmware | 2.72 |
| iij | seil/x1_firmware | 2.20 |
| iij | seil/neu_2fe_plus_firmware | 1.95 |
| iij | seil/x2_firmware | 1.00 |
| iij | seil/x1_firmware | 1.10 |
| iij | seil/x1_firmware | 2.63 |
| iij | seil/x2_firmware | 1.44 |
| iij | seil/neu_2fe_plus_firmware | 2.00 |
| iij | seil/x1_firmware | 1.43 |
| iij | seil/neu_2fe_plus_firmware | 2.10 |
The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | seil/b1 | * |
| iij | seil/x1 | * |
| iij | seil/turbo | * |
| iij | seil/neu_2fe_plus | * |
| iij | seil/x86 | * |
| iij | seil/x2 | * |
| iij | seil%2fx86_firmware | 1.00 |
| iij | seil%2fb1_firmware | 1.00 |
| iij | seil%2fneu_2fe_plus_firmware | 1.80 |
| iij | seil%2fx1_firmware | 1.00 |
| iij | seil%2fx86_firmware | 2.80 |
| iij | seil%2fx2_firmware | 1.00 |
| iij | seil%2fturbo_firmware | 1.80 |
| iij | seil%2fturbo_firmware | 2.05 |
| iij | seil%2fneu_2fe_plus_firmware | 2.15 |
| iij | seil%2fx1_firmware | 4.30 |
| iij | seil%2fb1_firmware | 4.30 |
| iij | seil%2fturbo_firmware | 2.15 |
| iij | seil%2fneu_2fe_plus_firmware | 2.05 |
| iij | seil%2fx2_firmware | 4.30 |
Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware before 2.82, SEIL/X1 with firmware before 4.32, SEIL/X2 with firmware before 4.32, SEIL/B1 with firmware before 4.32, SEIL/Turbo with firmware before 2.16, and SEIL/neu 2FE Plus with firmware before 2.16 allows remote attackers to execute arbitrary code via a crafted L2TP message.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | seil/b1 | * |
| iij | seil/x1 | * |
| iij | seil_x2_firmware | 1.00 |
| iij | seil/turbo | * |
| iij | seil/neu_2fe_plus | * |
| iij | seil%2fx1_firmware | 4.31 |
| iij | seil/x86 | * |
| iij | seil/x2 | * |
| iij | seil%2fx86_firmware | 1.00 |
| iij | seil%2fb1_firmware | 1.00 |
| iij | seil_x2_firmware | 4.31 |
| iij | seil%2fx86_firmware | 2.81 |
| iij | seil%2fb1_firmware | 4.31 |
| iij | seil%2fx1_firmware | 1.00 |
| iij | seil%2fturbo_firmware | 2.05 |
| iij | seil%2fneu_2fe_plus_firmware | 2.15 |
| iij | seil%2fturbo_firmware | 2.15 |
| iij | seil%2fneu_2fe_plus_firmware | 2.05 |
The PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 routers 1.00 through 3.10, SEIL/X1 routers 1.00 through 4.50, SEIL/X2 routers 1.00 through 4.50, SEIL/B1 routers 1.00 through 4.50, SEIL/Turbo routers 1.80 through 2.17, and SEIL/neu 2FE Plus routers 1.80 through 2.17 allows remote attackers to cause a denial of service (session termination or concentrator outage) via a crafted TCP packet.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | seil/x1 | * |
| iij | seil/turbo | * |
| iij | seil/neu_2fe_plus | * |
| iij | seil%2fneu_2fe_plus_firmware | 2.16 |
| iij | seil%2fb1_firmware | 1.00 |
| iij | seil%2fneu_2fe_plus_firmware | 2.17 |
| iij | seil%2fneu_2fe_plus_firmware | 1.80 |
| iij | seil%2fb1_firmware | 4.31 |
| iij | seil%2fx1_firmware | 1.00 |
| iij | seil%2fx86_firmware | 2.80 |
| iij | seil%2fx2_firmware | 1.00 |
| iij | seil%2fx2_firmware | 4.50 |
| iij | seil%2fturbo_firmware | 2.05 |
| iij | seil%2fneu_2fe_plus_firmware | 2.15 |
| iij | seil%2fx86_firmware | 3.10 |
| iij | seil%2fb1_firmware | 4.30 |
| iij | seil%2fturbo_firmware | 2.16 |
| iij | seil%2fneu_2fe_plus_firmware | 2.05 |
| iij | seil%2fx2_firmware | 4.30 |
| iij | seil/b1 | * |
| iij | seil%2fb1_firmware | 4.32 |
| iij | seil%2fx1_firmware | 4.31 |
| iij | seil/x86 | * |
| iij | seil/x2 | * |
| iij | seil%2fx86_firmware | 1.00 |
| iij | seil%2fx86_firmware | 2.81 |
| iij | seil%2fturbo_firmware | 2.17 |
| iij | seil%2fturbo_firmware | 1.80 |
| iij | seil%2fx2_firmware | 1.80 |
| iij | seil%2fb1_firmware | 4.50 |
| iij | seil%2fx1_firmware | 4.32 |
| iij | seil%2fx1_firmware | 4.30 |
| iij | seil%2fturbo_firmware | 2.15 |
| iij | seil%2fx86_firmware | 2.82 |
Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 through 4.62, SEIL/X2 2.50 through 4.62, SEIL/B1 2.50 through 4.62, and SEIL/x86 Fuji 1.70 through 3.22 allow remote attackers to cause a denial of service (CPU and traffic consumption) via a large number of NTP requests within a short time, which causes unnecessary NTP responses to be sent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | seil_x1_firmware | * |
| iij | seil_x2_firmware | * |
| iij | seil_b1_firmware | * |
| iij | seil_x86_fuji_firmware | * |
The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking Internet Initiative Japan Inc. SEIL series routers SEIL/x86 Fuji 1.00 through 3.22; SEIL/X1, SEIL/X2, and SEIL/B1 1.00 through 4.62; SEIL/Turbo 1.82 through 2.18; and SEIL/neu 2FE Plus 1.82 through 2.18 allow remote attackers to cause a denial of service (restart) via crafted (a) GRE or (b) MPPE packets.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | seil_turbo_firmware | 1.82 |
| iij | seil_plus_firmware | 2.08 |
| iij | seil_turbo_firmware | 2.09 |
| iij | seil_turbo_firmware | 1.85 |
| iij | seil_b1_firmware | * |
| iij | seil_plus_firmware | 1.97 |
| iij | seil_turbo_firmware | 2.05 |
| iij | seil_plus_firmware | 1.86 |
| iij | seil_plus_firmware | 1.90 |
| iij | seil_turbo_firmware | 1.83 |
| iij | seil_turbo_firmware | 1.95 |
| iij | seil_plus_firmware | 2.04 |
| iij | seil_turbo_firmware | 2.00 |
| iij | seil_turbo | - |
| iij | seil_plus_firmware | 1.83 |
| iij | seil_turbo_firmware | 1.84 |
| iij | seil_plus_firmware | 1.93 |
| iij | seil_plus_firmware | 1.84 |
| iij | seil_turbo_firmware | 2.11 |
| iij | seil_plus_firmware | 1.89 |
| iij | seil_plus_firmware | 1.82 |
| iij | seil_plus_firmware | 2.11 |
| iij | seil_turbo_firmware | 2.08 |
| iij | seil_plus_firmware | 1.95 |
| iij | seil_plus_firmware | 2.17 |
| iij | seil_plus_firmware | 1.85 |
| iij | seil_turbo_firmware | 2.18 |
| iij | seil_plus_firmware | 2.06 |
| iij | seil_plus_firmware | 2.12 |
| iij | seil_plus_firmware | 2.13 |
| iij | seil_plus_firmware | 1.92 |
| iij | seil_turbo_firmware | 2.07 |
| iij | seil_turbo_firmware | 2.03 |
| iij | seil_plus_firmware | 1.94 |
| iij | seil_turbo_firmware | 1.92 |
| iij | seil_plus_firmware | 1.87 |
| iij | seil_plus_firmware | 2.15 |
| iij | seil_plus_firmware | 1.98 |
| iij | seil_plus_firmware | 1.96 |
| iij | seil_plus_firmware | 2.09 |
| iij | seil_plus_firmware | 2.10 |
| iij | seil_turbo_firmware | 1.90 |
| iij | seil_turbo_firmware | 2.14 |
| iij | seil_turbo_firmware | 2.16 |
| iij | seil_turbo_firmware | 2.17 |
| iij | seil_turbo_firmware | 1.91 |
| iij | seil_turbo_firmware | 2.13 |
| iij | seil_turbo_firmware | 1.94 |
| iij | seil_turbo_firmware | 2.10 |
| iij | seil_turbo_firmware | 2.02 |
| iij | seil_plus_firmware | 2.02 |
| iij | seil_x86_fuji_firmware | * |
| iij | seil_plus_firmware | 2.01 |
| iij | seil_turbo_firmware | 2.04 |
| iij | seil_plus_firmware | 1.91 |
| iij | seil_turbo_firmware | 2.01 |
| iij | seil_plus_firmware | 1.88 |
| iij | seil_turbo_firmware | 1.88 |
| iij | seil_turbo_firmware | 2.12 |
| iij | seil_plus_firmware | 2.05 |
| iij | seil_x1_firmware | * |
| iij | seil_x2_firmware | * |
| iij | seil_turbo_firmware | 2.15 |
| iij | seil_turbo_firmware | 1.99 |
| iij | seil_plus_firmware | 2.07 |
| iij | seil_turbo_firmware | 1.87 |
| iij | seil_turbo_firmware | 1.97 |
| iij | seil_plus_firmware | 2.18 |
| iij | seil_turbo_firmware | 1.86 |
| iij | seil_plus_firmware | 2.03 |
| iij | seil_plus_firmware | 2.14 |
| iij | seil_plus_firmware | 1.99 |
| iij | seil_turbo_firmware | 2.06 |
| iij | seil_turbo_firmware | 1.96 |
| iij | seil_turbo_firmware | 1.93 |
| iij | seil_plus_firmware | 2.16 |
| iij | seil_plus | - |
| iij | seil_turbo_firmware | 1.98 |
| iij | seil_turbo_firmware | 1.89 |
npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji routers 1.00 through 3.30, SEIL/X1 routers 3.50 through 4.70, SEIL/X2 routers 3.50 through 4.70, and SEIL/B1 routers 3.50 through 4.70 allows remote attackers to cause a denial of service (infinite loop and device hang) via a crafted SSTP packet.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | seil_x86_fuji_firmware | 2.18 |
| iij | seil_x86_fuji_firmware | 2.62 |
| iij | seil/b1_firmware | 4.41 |
| iij | seil_x86_fuji_firmware | 2.12 |
| iij | seil/b1_firmware | 4.30 |
| iij | seil_x86_fuji_firmware | 3.02 |
| iij | seil_x86_fuji_firmware | 1.74 |
| iij | seil_x86_fuji_firmware | 2.50 |
| iij | seil/x2_firmware | 4.34 |
| iij | seil/x2_firmware | 4.70 |
| iij | seil_x86_fuji_firmware | 2.77 |
| iij | seil_x86_fuji_firmware | 2.47 |
| iij | seil_x86_fuji_firmware | 2.69 |
| iij | seil/x2_firmware | 3.51 |
| iij | seil_x86_fuji_firmware | 2.87 |
| iij | seil/x1_firmware | 4.32 |
| iij | seil_x86_fuji_firmware | 2.42 |
| iij | seil_x86_fuji_firmware | 1.95 |
| iij | seil_x86_fuji_firmware | 2.05 |
| iij | seil/x2_firmware | 4.32 |
| iij | seil_x86_fuji_firmware | 2.26 |
| iij | seil/x2_firmware | 4.00 |
| iij | seil_x86_fuji_firmware | 3.12 |
| iij | seil_x86_fuji_firmware | 2.93 |
| iij | seil_x86_fuji_firmware | 2.99 |
| iij | seil/x2_firmware | 3.75 |
| iij | seil/b1_firmware | 3.60 |
| iij | seil_x86_fuji_firmware | 2.08 |
| iij | seil_x86_fuji_firmware | 1.93 |
| iij | seil_x86_fuji_firmware | 2.88 |
| iij | seil_x86_fuji_firmware | 2.00 |
| iij | seil_x86_fuji_firmware | 2.86 |
| iij | seil/b1_firmware | 3.90 |
| iij | seil/x2_firmware | 3.90 |
| iij | seil_x86_fuji_firmware | 2.20 |
| iij | seil_x86_fuji_firmware | 2.60 |
| iij | seil_x86_fuji_firmware | 2.11 |
| iij | seil_x86_fuji_firmware | 1.80 |
| iij | seil_x86_fuji_firmware | 1.98 |
| iij | seil_x86_fuji_firmware | 2.44 |
| iij | seil/x2_firmware | 4.53 |
| iij | seil/b1_firmware | 3.75 |
| iij | seil_x86_fuji_firmware | 2.04 |
| iij | seil_x86_fuji_firmware | 2.68 |
| iij | seil_x86_fuji_firmware | 2.25 |
| iij | seil_x86_fuji_firmware | 2.56 |
| iij | seil_x86_fuji_firmware | 2.90 |
| iij | seil_x86_fuji_firmware | 2.45 |
| iij | seil_x86_fuji_firmware | 3.06 |
| iij | seil_x86_fuji_firmware | 2.06 |
| iij | seil_x86_fuji_firmware | 2.23 |
| iij | seil_x86_fuji_firmware | 2.24 |
| iij | seil_x86_fuji_firmware | 2.79 |
| iij | seil_x86_fuji_firmware | 1.92 |
| iij | seil/x1_firmware | 4.60 |
| iij | seil_x86_fuji_firmware | 3.21 |
| iij | seil_x86_fuji_firmware | 2.94 |
| iij | seil_x86_fuji_firmware | 3.13 |
| iij | seil_x86_fuji_firmware | 1.83 |
| iij | seil_x86_fuji_firmware | 2.57 |
| iij | seil_x86_fuji_firmware | 2.66 |
| iij | seil/x2_firmware | 4.60 |
| iij | seil_x86_fuji_firmware | 1.81 |
| iij | seil_x86_fuji_firmware | 1.88 |
| iij | seil_x86_fuji_firmware | 2.15 |
| iij | seil_x86_fuji_firmware | 2.80 |
| iij | seil_x86_fuji_firmware | 1.75 |
| iij | seil/x1_firmware | 4.30 |
| iij | seil_x86_fuji_firmware | 1.87 |
| iij | seil_x86_fuji_firmware | 2.21 |
| iij | seil_x86_fuji_firmware | 1.89 |
| iij | seil_x86_fuji_firmware | 2.48 |
| iij | seil_x86_fuji_firmware | 3.05 |
| iij | seil_x86_fuji_firmware | 2.59 |
| iij | seil_x86_fuji_firmware | 1.91 |
| iij | seil_x86_fuji_firmware | 2.38 |
| iij | seil_x86_fuji_firmware | 2.31 |
| iij | seil_x86_fuji_firmware | 2.37 |
| iij | seil_x86_fuji_firmware | 2.33 |
| iij | seil_x86_fuji_firmware | 2.52 |
| iij | seil_x86_fuji_firmware | 2.98 |
| iij | seil_x86_fuji_firmware | 2.17 |
| iij | seil_x86_fuji_firmware | 3.04 |
| iij | seil/b1_firmware | 4.70 |
| iij | seil_x86_fuji_firmware | 2.64 |
| iij | seil_x86_fuji_firmware | 2.95 |
| iij | seil/x2_firmware | 3.60 |
| iij | seil_x86_fuji_firmware | 3.19 |
| iij | seil_x86_fuji_firmware | 2.19 |
| iij | seil_x86_fuji_firmware | 1.82 |
| iij | seil_x86_fuji_firmware | 3.14 |
| iij | seil/b1_firmware | 4.31 |
| iij | seil_x86_fuji_firmware | 2.13 |
| iij | seil_x86_fuji_firmware | 3.11 |
| iij | seil_x86_fuji_firmware | 1.73 |
| iij | seil_x86_fuji_firmware | 2.41 |
| iij | seil_x86_fuji_firmware | 1.90 |
| iij | seil_x86_fuji_firmware | 2.29 |
| iij | seil_x86_fuji_firmware | 2.39 |
| iij | seil_x86_fuji_firmware | 2.92 |
| iij | seil/x2_firmware | 3.70 |
| iij | seil_x86_fuji_firmware | 2.46 |
| iij | seil_x86_fuji_firmware | 3.20 |
| iij | seil_x86_fuji_firmware | 1.86 |
| iij | seil_x86_fuji_firmware | 2.30 |
| iij | seil/x1_firmware | 4.40 |
| iij | seil/x1_firmware | 4.53 |
| iij | seil_x86_fuji_firmware | 2.76 |
| iij | seil/b1_firmware | 4.60 |
| iij | seil_x86_fuji_firmware | 2.83 |
| iij | seil_x86_fuji_firmware | 2.09 |
| iij | seil_x86_fuji_firmware | 2.55 |
| iij | seil/x1_firmware | 3.51 |
| iij | seil_x86_fuji_firmware | 2.49 |
| iij | seil_x86_fuji_firmware | 1.94 |
| iij | seil/x2_firmware | 4.41 |
| iij | seil/x1_firmware | 3.60 |
| iij | seil_x86_fuji_firmware | 1.78 |
| iij | seil_x86_fuji_firmware | 3.03 |
| iij | seil/b1_firmware | 4.32 |
| iij | seil_x86_fuji_firmware | 2.01 |
| iij | seil/b1_firmware | 4.00 |
| iij | seil_x86_fuji_firmware | 2.32 |
| iij | seil_x86_fuji_firmware | 2.16 |
| iij | seil_x86_fuji_firmware | 2.65 |
| iij | seil_x86_fuji_firmware | 2.97 |
| iij | seil_x86_fuji_firmware | 3.30 |
| iij | seil_x86_fuji_firmware | 1.70 |
| iij | seil_x86_fuji_firmware | 2.78 |
| iij | seil_x86_fuji_firmware | 1.84 |
| iij | seil_x86_fuji_firmware | 2.71 |
| iij | seil/x2_firmware | 4.31 |
| iij | seil/b1 | * |
| iij | seil_x86_fuji_firmware | 2.40 |
| iij | seil_x86_fuji_firmware | 2.67 |
| iij | seil/x1_firmware | 3.75 |
| iij | seil_x86_fuji_firmware | 2.14 |
| iij | seil/x2_firmware | 4.30 |
| iij | seil_x86_fuji_firmware | 2.58 |
| iij | seil_x86_fuji_firmware | 1.76 |
| iij | seil/b1_firmware | 4.53 |
| iij | seil_x86_fuji_firmware | 2.02 |
| iij | seil_x86_fuji_firmware | 2.03 |
| iij | seil_x86_fuji_firmware | 3.15 |
| iij | seil_x86_fuji_firmware | 2.63 |
| iij | seil_x86_fuji_firmware | 2.89 |
| iij | seil_x86_fuji_firmware | 3.09 |
| iij | seil/x1_firmware | 4.34 |
| iij | seil_x86_fuji_firmware | 1.99 |
| iij | seil_x86_fuji_firmware | 3.00 |
| iij | seil_x86_fuji_firmware | 1.77 |
| iij | seil_x86_fuji_firmware | 2.35 |
| iij | seil_x86_fuji_firmware | 3.01 |
| iij | seil_x86_fuji_firmware | 3.16 |
| iij | seil/x1_firmware | 3.91 |
| iij | seil_x86_fuji_firmware | 3.18 |
| iij | seil_x86_fuji_firmware | 2.61 |
| iij | seil/x2_firmware | 3.91 |
| iij | seil/b1_firmware | 3.51 |
| iij | seil_x86_fuji_firmware | 1.97 |
| iij | seil_x86_fuji_firmware | 2.84 |
| iij | seil_x86_fuji_firmware | 1.85 |
| iij | seil_x86_fuji_firmware | 2.73 |
| iij | seil/x1_firmware | 4.00 |
| iij | seil_x86_fuji_firmware | 3.07 |
| iij | seil_x86_fuji_firmware | 3.08 |
| iij | seil_x86_fuji_firmware | 2.53 |
| iij | seil_x86_fuji_firmware | 2.81 |
| iij | seil_x86_fuji_firmware | 1.96 |
| iij | seil_x86_fuji_firmware | 1.79 |
| iij | seil_x86_fuji_firmware | 2.28 |
| iij | seil_x86_fuji_firmware | 2.51 |
| iij | seil_x86_fuji_firmware | 3.10 |
| iij | seil_x86_fuji_firmware | 2.85 |
| iij | seil/b1_firmware | 3.70 |
| iij | seil_x86_fuji_firmware | 2.10 |
| iij | seil_x86_fuji_firmware | 2.07 |
| iij | seil/b1_firmware | 4.40 |
| iij | seil_x86_fuji_firmware | 1.71 |
| iij | seil_x86_fuji_firmware | 2.54 |
| iij | seil_x86_fuji_firmware | 2.75 |
| iij | seil_x86_fuji_firmware | 2.96 |
| iij | seil/x2_firmware | 4.40 |
| iij | seil_x86_fuji_firmware | 2.43 |
| iij | seil_x86_fuji_firmware | 2.22 |
| iij | seil_x86_fuji_firmware | 2.74 |
| iij | seil/x1_firmware | 3.90 |
| iij | seil_x86_fuji_firmware | 2.70 |
| iij | seil_x86_fuji_firmware | 2.36 |
| iij | seil_x86_fuji_firmware | 3.17 |
| iij | seil_x86_fuji_firmware | 2.34 |
| iij | seil/b1_firmware | 3.91 |
| iij | seil_x86_fuji_firmware | 2.82 |
| iij | seil_x86_fuji_firmware | 2.27 |
| iij | seil/x1_firmware | 4.41 |
| iij | seil/x1_firmware | 4.70 |
| iij | seil_x86_fuji_firmware | 1.72 |
| iij | seil_x86_fuji_firmware | 2.91 |
| iij | seil/x1_firmware | 3.70 |
| iij | seil/b1_firmware | 4.34 |
| iij | seil/x1_firmware | 4.31 |
| iij | seil_x86_fuji_firmware | 2.72 |
IIJ SmartKey App for Android version 2.1.0 and earlier allows remote attackers to bypass authentication [effect_of_bypassing_authentication] via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | smartkey | * |
Information disclosure vulnerability in Android App 'IIJ SmartKey' versions prior to 2.1.4 allows an attacker to obtain a one-time password issued by the product under certain conditions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iij | iij_smartkey | * |