MidnightBSD

Advisories for iodata

CVE-2013-4712 MEDIUM

I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
iodata hdl2-ah -
iodata hdl2-a/e -
iodata hdl-a/e -
iodata hdl2-a_firmware 1.07
iodata hdl-a_firmware *
iodata hdl-as -
iodata hdl-ah -
CVE-2013-4713 LOW

Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
iodata rockdisk_firmware 1.03y-1.16
iodata rockdisk_firmware 1.04b-1.21
iodata rockdisk_firmware 1.04t-2.0.2
iodata rockdisk_firmware 1.04a-1.2
iodata rockdisk_firmware 1.04r3-2.0.1
iodata rockdisk_firmware 1.04n-2.0.1
iodata rockdisk -
iodata rockdisk_firmware 1.03w-1.14
iodata rockdisk_firmware 1.04d-2.0.1
iodata rockdisk_firmware 1.04m-2.0.1
iodata rockdisk_firmware *
iodata rockdisk_firmware 1.03v3-1.13
CVE-2014-3887 LOW

Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-4713.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
iodata rockdisk_firmware *
CVE-2014-3895 MEDIUM

The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmware 1.06 and earlier, TS-WPTCAM camera with firmware 1.08 and earlier, TS-PTCAM camera with firmware 1.08 and earlier, TS-PTCAM/POE camera with firmware 1.08 and earlier, and TS-WLC2 camera with firmware 1.02 and earlier allow remote attackers to bypass authentication, and consequently obtain sensitive credential and configuration data, via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
iodata ts-ptcam_camera -
iodata ts-ptcam/poe_camera_firmware *
iodata ts-wlc2_camera -
iodata ts-wlcam/v_camera -
iodata ts-wlcam/v_camera_firmware *
iodata ts-wlcam_camera_firmware *
iodata ts-ptcam_camera_firmware *
iodata ts-wptcam_camera -
iodata ts-ptcam/poe_camera -
iodata ts-wlcam_camera -
iodata ts-wlc2_camera_firmware *
iodata ts-wptcam_camera_firmware *
CVE-2015-2984 MEDIUM

I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBRS routers allow remote attackers to cause a denial of service (SSDP reflection) via UPnP requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
iodata wn-g54/r2_firmware *
CVE-2016-1206 LOW

The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S, and WN-GDN/R3-U devices does not limit PIN guesses, which allows remote attackers to obtain network access via a brute-force attack.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
iodata wn-gdn/r3_firmware -
CVE-2016-1207 LOW

Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
iodata wn-g300r2_firmware *
iodata wn-g300r3_firmware *
iodata wn-g300r_firmware *
CVE-2016-4820 MEDIUM

Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX-R devices allows remote attackers to hijack the authentication of arbitrary users.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
iodata etx-r_firmware -
CVE-2016-4821 MEDIUM

I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
iodata etx-r_firmware -
CVE-2016-4845 MEDIUM

Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
iodata hvl-at3.0_firmware 2.03
iodata hvl-at4.0_firmware 2.03
iodata hvl-a2.0_firmware 2.03
iodata hvl-at2.0_firmware 2.03
iodata hvl-at1.0s_firmware 2.03
iodata hvl-at2.0a_firmware 2.03
iodata hvl-a3.0_firmware 2.03
iodata hvl-a4.0_firmware 2.03
iodata hvl-at4.0a_firmware 2.03
iodata hvl-at3.0a_firmware 2.03
CVE-2016-7806 HIGH

I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
iodata wfs-sr01_firmware *
CVE-2016-7807 MEDIUM

I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
iodata wfs-sr01_firmware *
CVE-2016-7814 MEDIUM

I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
iodata ts-wrlp_firmware *
iodata ts-wrla_firmware *
CVE-2016-7819 HIGH

I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
iodata ts-wrlp_firmware *
iodata ts-wrla_firmware *
CVE-2016-7820 HIGH

Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service (DoS) or execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
iodata ts-wrlp_firmware *
iodata ts-wrla_firmware *
CVE-2017-10875 MEDIUM

I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacker to cause a denial of service in the application via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
iodata lan_disk_connect_firmware *
CVE-2017-2111 MEDIUM

HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier may allow a remote attackers to display false information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-93,

Products Affected

Vendor Product Version
iodata ts-wrlc_firmware *
iodata ts-ptcam_firmware *
iodata ts-wptcam_firmware *
iodata ts-wlc2_firmware *
iodata ts-wptcam2_firmware 1.00
iodata ts-ptcam/poe_firmware *
iodata ts-wlce_firmware *
CVE-2017-2112 HIGH

TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
iodata ts-wrlc_firmware *
iodata ts-ptcam_firmware *
iodata ts-wptcam_firmware *
iodata ts-wlc2_firmware *
iodata ts-wptcam2_firmware 1.00
iodata ts-ptcam/poe_firmware *
iodata ts-wlce_firmware *
CVE-2017-2113 HIGH

Buffer overflow in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
iodata ts-wrlc_firmware *
iodata ts-ptcam_firmware *
iodata ts-wptcam_firmware *
iodata ts-wlc2_firmware *
iodata ts-wptcam2_firmware 1.00
iodata ts-ptcam/poe_firmware *
iodata ts-wlce_firmware *
CVE-2017-2141 HIGH

WN-G300R3 firmware 1.03 and earlier allows attackers with administrator rights to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
iodata wn-g300r3_firmware *
CVE-2017-2142 HIGH

Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
iodata wn-g300r3_firmware *
CVE-2017-2148 LOW

Cross-site scripting vulnerability in WN-AC1167GR firmware version 1.04 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
iodata wn-ac1167gr_firmware *
CVE-2017-2223 MEDIUM

Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS-WLCE, TS-WRLC firmware version 1.19 and earlier and TS-WPTCAM2 firmware version 1.01 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
iodata ts-ptcam/poe_camera_firmware *
iodata ts-ptcam_camera_firmware *
iodata ts-wlc2_camera_firmware *
iodata ts-wlce_camera_firmware *
iodata ts-wrlc_camera_firmware *
iodata ts-wptcam2_firmware *
iodata ts-wptcam_camera_firmware *
CVE-2017-2280 HIGH

WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-798,

Products Affected

Vendor Product Version
iodata wn-ax1167gr_firmware 3.00
CVE-2017-2281 HIGH

WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
iodata wn-ax1167gr_firmware 3.00
CVE-2017-2282 MEDIUM

Buffer overflow in WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary commands via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
iodata wn-ax1167gr_firmware 3.00
CVE-2017-2283 MEDIUM

WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-798,

Products Affected

Vendor Product Version
iodata wn-g300r3_firmware *
CVE-2018-0512 HIGH

Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
iodata wn-ac1600dgr_firmware *
iodata wn-gx300gr_firmware *
iodata wn-g300ex_firmware *
iodata hls-c_firmware *
iodata whg-napga_firmware *
iodata wn-ag300dgr_firmware *
iodata wnpr1750g_firmware *
iodata gv-ntx1_firmware *
iodata whg-ac1750_firmware *
iodata wn-ax1167gr_firmware *
iodata wnpr1167g_firmware *
iodata hdl-t_firmware *
iodata hvl-a_firmware *
iodata bx-vp1_firmware *
iodata hdl-a_firmware *
iodata hdl-xr_firmware *
iodata wn-ac583trk_firmware *
iodata hvl-at_firmware *
iodata hvl-s_firmware *
iodata whg-napg_firmware *
iodata wnpr2600g_firmware *
iodata hdl2-a_firmware *
iodata hdl-xvw_firmware *
iodata whg-ac1750al_firmware *
iodata hdl-ah_firmware *
iodata hvl-ata_firmware *
iodata whg-napgal_firmware *
iodata whg-ac1750a_firmware *
iodata hdl-xr2u_firmware *
iodata hfas1_firmware *
iodata wn-ac1167dgr_firmware *
iodata wn-ac1300ex_firmware *
iodata hdl-xv_firmware *
iodata hdl-xrw_firmware *
iodata wn-g300r3_firmware *
iodata wn-ac583rk_firmware *
iodata gv-ntx2_firmware *
iodata hdl2-ah_firmware *
iodata wn-ag750dgr_firmware *
iodata hdl-gtr_firmware *
iodata wn-g300sr_firmware *
iodata hdl-gt_firmware *
iodata wnpr1167f_firmware *
iodata wn-g300r_firmware *
iodata hdl-xr2uw_firmware *
CVE-2018-0661 HIGH

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
iodata ts-wrlp_firmware *
iodata ts-wrla_firmware *
iodata ts-wrlp/e_firmware *
CVE-2018-0662 HIGH

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to add malicious files on the device and execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
iodata ts-wrlp_firmware *
iodata ts-wrla_firmware *
iodata ts-wrlp/e_firmware *
CVE-2018-0663 HIGH

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-798,

Products Affected

Vendor Product Version
iodata ts-wrlp_firmware *
iodata ts-wrla_firmware *
iodata ts-wrlp/e_firmware *
CVE-2019-19822 MEDIUM

A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,

Products Affected

Vendor Product Version
sapido gr297n_firmware *
ciktel mesh_router_firmware *
realtek rtk_11n_ap_firmware *
fg-products fgn-r2_firmware *
totolink a3002ru_firmware *
hcn_max-c300n_project hcn_max-c300n_firmware *
totolink n200re_firmware *
kctvjeju wireless_ap_firmware *
tbroad gn-866ac_firmware *
totolink n300rt_firmware *
totolink n150rt_firmware *
totolink n301rt_firmware *
totolink a702r_firmware *
totolink n302r_firmware *
coship emta_ap_firmwre *
hiwifi max-c300n_firmware *
totolink n100re_firmware *
iodata wn-ac1167r_firmwre *
CVE-2019-19823 MEDIUM

A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-522,

Products Affected

Vendor Product Version
sapido gr297n_firmware *
ciktel mesh_router_firmware *
realtek rtk_11n_ap_firmware *
fg-products fgn-r2_firmware *
totolink a3002ru_firmware *
hcn_max-c300n_project hcn_max-c300n_firmware *
totolink n200re_firmware *
kctvjeju wireless_ap_firmware *
tbroad gn-866ac_firmware *
totolink n300rt_firmware *
totolink n150rt_firmware *
totolink n301rt_firmware *
totolink a702r_firmware *
totolink n302r_firmware *
coship emta_ap_firmwre *
hiwifi max-c300n_firmware *
totolink n100re_firmware *
iodata wn-ac1167r_firmwre *
CVE-2023-29804

WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the sys_smb_pwdmod function.

Products Affected

Vendor Product Version
iodata wfs-sr03w_firmware 1.03
iodata wfs-sr03k_firmware 1.03
CVE-2023-29805

WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the pro_stor_canceltrans_handler_part_19 function.

Products Affected

Vendor Product Version
iodata wfs-sr03w_firmware 1.03
iodata wfs-sr03k_firmware 1.03