Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for L-04D by LG Electronics

    JVNDB-2016-000194

    Vulnerability from jvndb - Published: 2016-10-03 15:17 - Updated:2018-01-17 11:53
    Severity
    Summary
    Docomo L-04D mobile WiFi router vulnerable to cross-site request forgery
    Details
    L-04D provided by NTT DOCOMO, INC. is a wireless WiFi router. L-04D contains a cross-site request forgery vulnerability in the the web management screen. Atsuo Sakurai of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000194.html",
      "dc:date": "2018-01-17T11:53+09:00",
      "dcterms:issued": "2016-10-03T15:17+09:00",
      "dcterms:modified": "2018-01-17T11:53+09:00",
      "description": "L-04D provided by NTT DOCOMO, INC. is a wireless WiFi router.  L-04D contains a cross-site request forgery vulnerability in the the web management screen.\r\n\r\nAtsuo Sakurai of Cyber Defense Institute, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000194.html",
      "sec:cpe": {
        "#text": "cpe:/h:lg_electronics:l-04d",
        "@product": "L-04D",
        "@vendor": "LG Electronics\u3000",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "2.6",
          "@severity": "Low",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "4.3",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000194",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN46351856/index.html",
          "@id": "JVN#46351856",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4854",
          "@id": "CVE-2016-4854",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-4854",
          "@id": "CVE-2016-4854",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-352",
          "@title": "Cross-Site Request Forgery(CWE-352)"
        }
      ],
      "title": "Docomo L-04D mobile WiFi router vulnerable to cross-site request forgery"
    }

    JVNDB-2014-000140

    Vulnerability from jvndb - Published: 2014-12-02 14:27 - Updated:2014-12-08 16:07
    Severity
    N/A (UNKNOWN) - -
    Summary
    LG Electronics mobile access routers lack access restrictions
    Details
    LG Electronics mobile access routers provided by NTT DOCOMO, INC. lack access restrictions in the web administration interface. Taiga Asano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000140.html",
      "dc:date": "2014-12-08T16:07+09:00",
      "dcterms:issued": "2014-12-02T14:27+09:00",
      "dcterms:modified": "2014-12-08T16:07+09:00",
      "description": "LG Electronics mobile access routers provided by NTT DOCOMO, INC. lack access restrictions in the web administration interface.\r\n\r\nTaiga Asano reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000140.html",
      "sec:cpe": [
        {
          "#text": "cpe:/h:lg_electronics:l-03e",
          "@product": "L-03E",
          "@vendor": "LG Electronics\u3000",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:lg_electronics:l-04d",
          "@product": "L-04D",
          "@vendor": "LG Electronics\u3000",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:lg_electronics:l-09c",
          "@product": "L-09C",
          "@vendor": "LG Electronics\u3000",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "3.3",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2014-000140",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN71762315/index.html",
          "@id": "JVN#71762315",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7243",
          "@id": "CVE-2014-7243",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7243",
          "@id": "CVE-2014-7243",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-264",
          "@title": "Permissions(CWE-264)"
        }
      ],
      "title": "LG Electronics mobile access routers lack access restrictions"
    }