Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities found for aterm_hc100rc_firmware by nec
CVE-2018-0641 (GCVE-0-2018-0641)
Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via tools_system.cgi date parameter, time parameter, and offset parameter.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via tools_system.cgi date parameter, time parameter, and offset parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via tools_system.cgi date parameter, time parameter, and offset parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0641",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0640 (GCVE-0-2018-0640)
Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0640",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0639 (GCVE-0-2018-0639)
Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:47.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0639",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:47.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0638 (GCVE-0-2018-0638)
Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0638",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0637 (GCVE-0-2018-0637)
Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:47.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0637",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:47.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0636 (GCVE-0-2018-0636)
Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:47.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0636",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0636",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:47.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0635 (GCVE-0-2018-0635)
Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0635",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0634 (GCVE-0-2018-0634)
Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0634",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0634",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0639 (GCVE-0-2018-0639)
Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:47.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0639",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:47.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0638 (GCVE-0-2018-0638)
Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0638",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0636 (GCVE-0-2018-0636)
Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:47.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0636",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0636",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:47.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0634 (GCVE-0-2018-0634)
Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0634",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0634",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0640 (GCVE-0-2018-0640)
Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0640",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0637 (GCVE-0-2018-0637)
Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:47.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0637",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:47.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0635 (GCVE-0-2018-0635)
Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0635",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0641 (GCVE-0-2018-0641)
Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 03:35
VLAI?
Summary
Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via tools_system.cgi date parameter, time parameter, and offset parameter.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NEC Corporation | HC100RC |
Affected:
Ver1.0.1 and earlier
|
Date Public ?
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HC100RC",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.0.1 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via tools_system.cgi date parameter, time parameter, and offset parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84825660",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HC100RC",
"version": {
"version_data": [
{
"version_value": "Ver1.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via tools_system.cgi date parameter, time parameter, and offset parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84825660",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN84825660/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-011.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0641",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}