Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

12 vulnerabilities found for home_spot_cube_firmware by kddi

CVE-2016-1141 (GCVE-0-2016-1141)

Vulnerability from nvd – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000012 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000012",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000012"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000012",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000012"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1141",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000012",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000012"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1141",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1140 (GCVE-0-2016-1140)

Vulnerability from nvd – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000011 third-party-advisoryx_refsource_JVNDB
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.174Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          },
          {
            "name": "JVNDB-2016-000011",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        },
        {
          "name": "JVNDB-2016-000011",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000011"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            },
            {
              "name": "JVNDB-2016-000011",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000011"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1140",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1139 (GCVE-0-2016-1139)

Vulnerability from nvd – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:12.979Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000010",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000010",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1139",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000010",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1139",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:12.979Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1138 (GCVE-0-2016-1138)

Vulnerability from nvd – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000009 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.347Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000009",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000009"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000009",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000009"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1138",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000009",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000009"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1138",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.347Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1137 (GCVE-0-2016-1137)

Vulnerability from nvd – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000008 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.335Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000008",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000008"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000008",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000008"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1137",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000008",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000008"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1137",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.335Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1136 (GCVE-0-2016-1136)

Vulnerability from nvd – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000007",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000007",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1136",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000007",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1136",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1141 (GCVE-0-2016-1141)

Vulnerability from cvelistv5 – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000012 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000012",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000012"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000012",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000012"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1141",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000012",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000012"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1141",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1137 (GCVE-0-2016-1137)

Vulnerability from cvelistv5 – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000008 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.335Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000008",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000008"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000008",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000008"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1137",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000008",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000008"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1137",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.335Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1138 (GCVE-0-2016-1138)

Vulnerability from cvelistv5 – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000009 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.347Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000009",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000009"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000009",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000009"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1138",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000009",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000009"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1138",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.347Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1140 (GCVE-0-2016-1140)

Vulnerability from cvelistv5 – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000011 third-party-advisoryx_refsource_JVNDB
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.174Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          },
          {
            "name": "JVNDB-2016-000011",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        },
        {
          "name": "JVNDB-2016-000011",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000011"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            },
            {
              "name": "JVNDB-2016-000011",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000011"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1140",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1136 (GCVE-0-2016-1136)

Vulnerability from cvelistv5 – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000007",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000007",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1136",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000007",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1136",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:13.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-1139 (GCVE-0-2016-1139)

Vulnerability from cvelistv5 – Published: 2016-01-30 15:00 – Updated: 2024-08-05 22:48
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.au.kddi.com/mobile/service/smartphone/… x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010 third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN54686544/index.html third-party-advisoryx_refsource_JVN
Date Public ?
2016-01-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:12.979Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
          },
          {
            "name": "JVNDB-2016-000010",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010"
          },
          {
            "name": "JVN#54686544",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-30T14:57:01.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
        },
        {
          "name": "JVNDB-2016-000010",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010"
        },
        {
          "name": "JVN#54686544",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-1139",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06",
              "refsource": "CONFIRM",
              "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
            },
            {
              "name": "JVNDB-2016-000010",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010"
            },
            {
              "name": "JVN#54686544",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN54686544/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-1139",
    "datePublished": "2016-01-30T15:00:00.000Z",
    "dateReserved": "2015-12-26T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:48:12.979Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}