Search
Find a vulnerability
Search criteria
4 vulnerabilities found for hdl2-a_firmware by iodata
CVE-2018-0512 (GCVE-0-2018-0512)
Vulnerability from nvd – Published: 2018-02-08 14:00 – Updated: 2024-08-05 03:28
VLAI
Summary
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN36048131/index.html | third-party-advisoryx_refsource_JVN |
| http://www.iodata.jp/support/information/2018/mag… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| I-O DATA DEVICE, INC. | IP address setting tool "MagicalFinder" |
Affected:
all versions
|
Date Public
2018-02-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:11.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#36048131",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IP address setting tool \"MagicalFinder\"",
"vendor": "I-O DATA DEVICE, INC.",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"datePublic": "2018-02-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Devices with IP address setting tool \"MagicalFinder\" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-08T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#36048131",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IP address setting tool \"MagicalFinder\"",
"version": {
"version_data": [
{
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "I-O DATA DEVICE, INC."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Devices with IP address setting tool \"MagicalFinder\" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#36048131",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"name": "http://www.iodata.jp/support/information/2018/magicalfinder/",
"refsource": "CONFIRM",
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0512",
"datePublished": "2018-02-08T14:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:28:11.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4712 (GCVE-0-2013-4712)
Vulnerability from nvd – Published: 2013-10-19 10:00 – Updated: 2024-09-16 20:26
VLAI
Summary
I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://rm2.iobb.net | x_refsource_CONFIRM |
| http://jvn.jp/en/jp/JVN52509236/index.html | third-party-advisoryx_refsource_JVN |
| http://jvn.jp/en/jp/JVN52509236/225184/index.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095 | third-party-advisoryx_refsource_JVNDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:27.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rm2.iobb.net"
},
{
"name": "JVN#52509236",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN52509236/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
},
{
"name": "JVNDB-2013-000095",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-19T10:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rm2.iobb.net"
},
{
"name": "JVN#52509236",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN52509236/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
},
{
"name": "JVNDB-2013-000095",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-4712",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rm2.iobb.net",
"refsource": "CONFIRM",
"url": "http://rm2.iobb.net"
},
{
"name": "JVN#52509236",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN52509236/index.html"
},
{
"name": "http://jvn.jp/en/jp/JVN52509236/225184/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
},
{
"name": "JVNDB-2013-000095",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-4712",
"datePublished": "2013-10-19T10:00:00.000Z",
"dateReserved": "2013-06-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:26:42.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0512 (GCVE-0-2018-0512)
Vulnerability from cvelistv5 – Published: 2018-02-08 14:00 – Updated: 2024-08-05 03:28
VLAI
Summary
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN36048131/index.html | third-party-advisoryx_refsource_JVN |
| http://www.iodata.jp/support/information/2018/mag… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| I-O DATA DEVICE, INC. | IP address setting tool "MagicalFinder" |
Affected:
all versions
|
Date Public
2018-02-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:11.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#36048131",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IP address setting tool \"MagicalFinder\"",
"vendor": "I-O DATA DEVICE, INC.",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"datePublic": "2018-02-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Devices with IP address setting tool \"MagicalFinder\" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-08T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#36048131",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IP address setting tool \"MagicalFinder\"",
"version": {
"version_data": [
{
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "I-O DATA DEVICE, INC."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Devices with IP address setting tool \"MagicalFinder\" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#36048131",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN36048131/index.html"
},
{
"name": "http://www.iodata.jp/support/information/2018/magicalfinder/",
"refsource": "CONFIRM",
"url": "http://www.iodata.jp/support/information/2018/magicalfinder/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0512",
"datePublished": "2018-02-08T14:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:28:11.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4712 (GCVE-0-2013-4712)
Vulnerability from cvelistv5 – Published: 2013-10-19 10:00 – Updated: 2024-09-16 20:26
VLAI
Summary
I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://rm2.iobb.net | x_refsource_CONFIRM |
| http://jvn.jp/en/jp/JVN52509236/index.html | third-party-advisoryx_refsource_JVN |
| http://jvn.jp/en/jp/JVN52509236/225184/index.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095 | third-party-advisoryx_refsource_JVNDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:27.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rm2.iobb.net"
},
{
"name": "JVN#52509236",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN52509236/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
},
{
"name": "JVNDB-2013-000095",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-19T10:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rm2.iobb.net"
},
{
"name": "JVN#52509236",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN52509236/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
},
{
"name": "JVNDB-2013-000095",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-4712",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rm2.iobb.net",
"refsource": "CONFIRM",
"url": "http://rm2.iobb.net"
},
{
"name": "JVN#52509236",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN52509236/index.html"
},
{
"name": "http://jvn.jp/en/jp/JVN52509236/225184/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN52509236/225184/index.html"
},
{
"name": "JVNDB-2013-000095",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000095"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-4712",
"datePublished": "2013-10-19T10:00:00.000Z",
"dateReserved": "2013-06-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:26:42.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}