PT-2018-9001 · I O Data · Ts-Wrlp+2
Daiki Ichinose
+1
·
Publicado
2018-09-07
·
Atualizado
2018-11-01
·
CVE-2018-0663
CVSS v2.0
9.0
Alta
| Vetor | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
I-O DATA network camera products TS-WRLP versions 1.09.04 and earlier
I-O DATA network camera products TS-WRLA versions 1.09.04 and earlier
I-O DATA network camera products TS-WRLP/E versions 1.09.04 and earlier
Description
The issue concerns the use of hardcoded credentials in the affected products, potentially allowing a remote authenticated attacker to execute arbitrary OS commands on the device.
Recommendations
For TS-WRLP versions 1.09.04 and earlier, update to a version later than 1.09.04 to resolve the issue.
For TS-WRLA versions 1.09.04 and earlier, update to a version later than 1.09.04 to resolve the issue.
For TS-WRLP/E versions 1.09.04 and earlier, update to a version later than 1.09.04 to resolve the issue.
Correção
Using Hardcoded Credentials
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ts-Wrla
Ts-Wrlp
Ts-Wrlp/E