Search

Find a vulnerability

Search criteria

    1 vulnerability found for WLX413 firmware by Yamaha Corporation

    JVNDB-2024-001062

    Vulnerability from jvndb - Published: 2024-01-24 17:16 - Updated:2024-03-13 17:24
    Severity
    Summary
    Yamaha wireless LAN access point devices vulnerable to active debug code
    Details
    Active debug code (CWE-489) exists in wireless LAN access point devices provided by Yamaha Corporation. The debug function can be enabled by performing specific operations. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-001062.html",
      "dc:date": "2024-03-13T17:24+09:00",
      "dcterms:issued": "2024-01-24T17:16+09:00",
      "dcterms:modified": "2024-03-13T17:24+09:00",
      "description": "Active debug code (CWE-489) exists in wireless LAN access point devices provided by Yamaha Corporation.\r\nThe debug function can be enabled by performing specific operations.\r\n\r\nChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-001062.html",
      "sec:cpe": [
        {
          "#text": "cpe:/o:yamaha:wlx202_firmware",
          "@product": "WLX202 firmware",
          "@vendor": "Yamaha Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:yamaha:wlx212_firmware",
          "@product": "WLX212 firmware",
          "@vendor": "Yamaha Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:yamaha:wlx222_firmware",
          "@product": "WLX222 firmware",
          "@vendor": "Yamaha Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:yamaha:wlx313_firmware",
          "@product": "WLX313 firmware",
          "@vendor": "Yamaha Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:yamaha:wlx413_firmware",
          "@product": "WLX413 firmware",
          "@vendor": "Yamaha Corporation",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "5.2",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2024-001062",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU99896362/index.html",
          "@id": "JVNVU#99896362",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-22366",
          "@id": "CVE-2024-22366",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2024-22366",
          "@id": "CVE-2024-22366",
          "@source": "NVD"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/489.html",
          "@id": "CWE-489",
          "@title": "Active Debug Code(CWE-489)"
        }
      ],
      "title": "Yamaha wireless LAN access point devices vulnerable to active debug code"
    }