PT-2017-15223 · Toshiba · Flashair Sdhc Memory Card

Takayoshi Isayama

Published

2017-05-22

Updated

2019-10-03

CVE-2017-2162

CVSS v3.1

4.3

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions FlashAirTM SDHC Memory Card (SD-WE Series ) versions V3.00.02 and earlier FlashAirTM SDHC Memory Card (SD-WD/WC Series ) versions V2.00.04 and earlier

Description The issue allows default credentials to be set for wireless LAN connections when the PhotoShare function is enabled through a web browser. This could potentially allow unauthorized access to the device.

Recommendations For FlashAirTM SDHC Memory Card (SD-WE Series ) versions V3.00.02 and earlier, change the default credentials to secure ones as soon as possible. For FlashAirTM SDHC Memory Card (SD-WD/WC Series ) versions V2.00.04 and earlier, update the credentials to secure ones to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-2162

Affected Products

Flashair Sdhc Memory Card

PT-2017-15223 · Toshiba · Flashair Sdhc Memory Card

CVE-2017-2162

Related Identifiers

Affected Products

References · 5