Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities found for skybridge_mb-a100_firmware by seiko-sol
CVE-2023-25072 (GCVE-0-2023-25072)
Vulnerability from nvd – Published: 2023-05-10 00:00 – Updated: 2025-01-28 14:42
VLAI?
Summary
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product.
Severity ?
6.5 (Medium)
CWE
- Use of weak credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25072",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:41:39.168765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-521",
"description": "CWE-521 Weak Password Requirements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:42:41.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of weak credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-25072",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T14:42:41.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25070 (GCVE-0-2023-25070)
Vulnerability from nvd – Published: 2023-05-10 00:00 – Updated: 2025-01-28 14:46
VLAI?
Summary
Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator's communication to the product.
Severity ?
4.8 (Medium)
CWE
- Cleartext transmission of sensitive information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25070",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:44:06.471233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:46:37.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator\u0027s communication to the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cleartext transmission of sensitive information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-25070",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T14:46:37.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24586 (GCVE-0-2023-24586)
Vulnerability from nvd – Published: 2023-05-10 00:00 – Updated: 2025-01-28 14:48
VLAI?
Summary
Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product.
Severity ?
CWE
- Cleartext storage of sensitive information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-24586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:48:02.607702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:48:12.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cleartext storage of sensitive information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-24586",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T14:48:12.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23906 (GCVE-0-2023-23906)
Vulnerability from nvd – Published: 2023-05-10 00:00 – Updated: 2025-01-28 16:35
VLAI?
Summary
Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product.
Severity ?
7.5 (High)
CWE
- Missing authentication for critical function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-23906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T16:35:00.376149Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T16:35:14.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing authentication for critical function",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-23906",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T16:35:14.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22361 (GCVE-0-2023-22361)
Vulnerability from nvd – Published: 2023-05-10 00:00 – Updated: 2025-01-28 14:55
VLAI?
Summary
Improper privilege management vulnerability in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier allows a remote authenticated attacker to alter a WebUI password of the product.
Severity ?
4.3 (Medium)
CWE
- Improper privilege management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:55:27.020494Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:55:30.333Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management vulnerability in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier allows a remote authenticated attacker to alter a WebUI password of the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper privilege management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-22361",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T14:55:30.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36558 (GCVE-0-2022-36558)
Vulnerability from nvd – Published: 2022-08-29 22:46 – Updated: 2024-08-03 10:07
VLAI?
Summary
Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:07:34.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-29T22:46:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"name": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/",
"refsource": "MISC",
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36558",
"datePublished": "2022-08-29T22:46:21.000Z",
"dateReserved": "2022-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:07:34.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36557 (GCVE-0-2022-36557)
Vulnerability from nvd – Published: 2022-08-29 22:46 – Updated: 2024-08-03 10:07
VLAI?
Summary
Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:07:34.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-29T22:46:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"name": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/",
"refsource": "MISC",
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36557",
"datePublished": "2022-08-29T22:46:20.000Z",
"dateReserved": "2022-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:07:34.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36556 (GCVE-0-2022-36556)
Vulnerability from nvd – Published: 2022-08-29 22:46 – Updated: 2024-08-03 10:07
VLAI?
Summary
Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:07:34.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-29T22:46:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"name": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/",
"refsource": "MISC",
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36556",
"datePublished": "2022-08-29T22:46:19.000Z",
"dateReserved": "2022-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:07:34.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25070 (GCVE-0-2023-25070)
Vulnerability from cvelistv5 – Published: 2023-05-10 00:00 – Updated: 2025-01-28 14:46
VLAI?
Summary
Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator's communication to the product.
Severity ?
4.8 (Medium)
CWE
- Cleartext transmission of sensitive information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25070",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:44:06.471233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:46:37.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator\u0027s communication to the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cleartext transmission of sensitive information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-25070",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T14:46:37.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23906 (GCVE-0-2023-23906)
Vulnerability from cvelistv5 – Published: 2023-05-10 00:00 – Updated: 2025-01-28 16:35
VLAI?
Summary
Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product.
Severity ?
7.5 (High)
CWE
- Missing authentication for critical function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-23906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T16:35:00.376149Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T16:35:14.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing authentication for critical function",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-23906",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T16:35:14.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22361 (GCVE-0-2023-22361)
Vulnerability from cvelistv5 – Published: 2023-05-10 00:00 – Updated: 2025-01-28 14:55
VLAI?
Summary
Improper privilege management vulnerability in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier allows a remote authenticated attacker to alter a WebUI password of the product.
Severity ?
4.3 (Medium)
CWE
- Improper privilege management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:55:27.020494Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:55:30.333Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management vulnerability in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier allows a remote authenticated attacker to alter a WebUI password of the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper privilege management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-22361",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T14:55:30.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25072 (GCVE-0-2023-25072)
Vulnerability from cvelistv5 – Published: 2023-05-10 00:00 – Updated: 2025-01-28 14:42
VLAI?
Summary
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product.
Severity ?
6.5 (Medium)
CWE
- Use of weak credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25072",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:41:39.168765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-521",
"description": "CWE-521 Weak Password Requirements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:42:41.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of weak credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-25072",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T14:42:41.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24586 (GCVE-0-2023-24586)
Vulnerability from cvelistv5 – Published: 2023-05-10 00:00 – Updated: 2025-01-28 14:48
VLAI?
Summary
Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product.
Severity ?
CWE
- Cleartext storage of sensitive information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Seiko Solutions Inc. | SkyBridge MB-A100/110 |
Affected:
firmware Ver. 4.2.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-24586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:48:02.607702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:48:12.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SkyBridge MB-A100/110",
"vendor": "Seiko Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "firmware Ver. 4.2.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cleartext storage of sensitive information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T00:00:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.seiko-sol.co.jp/archives/73969/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/"
},
{
"url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/"
},
{
"url": "https://jvn.jp/en/jp/JVN40604023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-24586",
"datePublished": "2023-05-10T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-28T14:48:12.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36558 (GCVE-0-2022-36558)
Vulnerability from cvelistv5 – Published: 2022-08-29 22:46 – Updated: 2024-08-03 10:07
VLAI?
Summary
Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:07:34.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-29T22:46:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"name": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/",
"refsource": "MISC",
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36558",
"datePublished": "2022-08-29T22:46:21.000Z",
"dateReserved": "2022-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:07:34.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36557 (GCVE-0-2022-36557)
Vulnerability from cvelistv5 – Published: 2022-08-29 22:46 – Updated: 2024-08-03 10:07
VLAI?
Summary
Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:07:34.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-29T22:46:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"name": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/",
"refsource": "MISC",
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36557",
"datePublished": "2022-08-29T22:46:20.000Z",
"dateReserved": "2022-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:07:34.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36556 (GCVE-0-2022-36556)
Vulnerability from cvelistv5 – Published: 2022-08-29 22:46 – Updated: 2024-08-03 10:07
VLAI?
Summary
Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:07:34.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-29T22:46:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"
},
{
"name": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/",
"refsource": "MISC",
"url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36556",
"datePublished": "2022-08-29T22:46:19.000Z",
"dateReserved": "2022-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:07:34.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}