Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-0512

Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Published

2018-02-08T14:29:00.213

Last Modified

2024-11-21T03:38:23.193

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 6.8 (MEDIUM)

CVSSv2 Vector

AV:A/AC:L/Au:S/C:C/I:C/A:C

Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

5.1

Impact Score

10.0

Weaknesses

Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	iodata	hdl-xr_firmware	≤ 2.01	Yes
Hardware	iodata	hdl-xr	-	No
Operating System	iodata	hdl-xrw_firmware	≤ 2.01	Yes
Hardware	iodata	hdl-xrw	-	No
Operating System	iodata	hdl-xr2u_firmware	≤ 2.01	Yes
Hardware	iodata	hdl-xr2u	-	No
Operating System	iodata	hdl-xr2uw_firmware	≤ 2.01	Yes
Hardware	iodata	hdl-xr2uw	-	No
Operating System	iodata	hdl-xv_firmware	≤ 1.50	Yes
Hardware	iodata	hdl-xv	-	No
Operating System	iodata	hdl-xvw_firmware	≤ 1.50	Yes
Hardware	iodata	hdl-xvw	-	No
Operating System	iodata	hdl-gt_firmware	≤ 1.37	Yes
Hardware	iodata	hdl-gt	-	No
Operating System	iodata	hdl-gtr_firmware	≤ 1.37	Yes
Hardware	iodata	hdl-gtr	-	No
Operating System	iodata	hdl-a_firmware	≤ 1.26	Yes
Hardware	iodata	hdl-a	-	No
Operating System	iodata	hdl-ah_firmware	≤ 1.26	Yes
Hardware	iodata	hdl-ah	-	No
Operating System	iodata	hdl2-a_firmware	≤ 1.26	Yes
Hardware	iodata	hdl2-a	-	No
Operating System	iodata	hdl2-ah_firmware	≤ 1.26	Yes
Hardware	iodata	hdl2-ah	-	No
Operating System	iodata	hdl-t_firmware	≤ 1.12	Yes
Hardware	iodata	hdl-t	-	No
Operating System	iodata	hls-c_firmware	≤ 1.12	Yes
Hardware	iodata	hls-c	-	No
Operating System	iodata	hvl-a_firmware	≤ 2.04	Yes
Hardware	iodata	hvl-a	-	No
Operating System	iodata	hvl-at_firmware	≤ 2.04	Yes
Hardware	iodata	hvl-at	-	No
Operating System	iodata	hvl-ata_firmware	≤ 2.04	Yes
Hardware	iodata	hvl-ata	-	No
Operating System	iodata	hvl-s_firmware	≤ 1.00	Yes
Hardware	iodata	hvl-s	-	No
Operating System	iodata	hfas1_firmware	≤ 1.40	Yes
Hardware	iodata	hfas1	-	No
Operating System	iodata	whg-napg_firmware	≤ 1.08	Yes
Hardware	iodata	whg-napg	-	No
Operating System	iodata	whg-napga_firmware	≤ 1.08	Yes
Hardware	iodata	whg-napga	-	No
Operating System	iodata	whg-napgal_firmware	≤ 1.05	Yes
Hardware	iodata	whg-napgal	-	No
Operating System	iodata	whg-ac1750a_firmware	≤ 3.00	Yes
Hardware	iodata	whg-ac1750a	-	No
Operating System	iodata	whg-ac1750_firmware	≤ 1.07	Yes
Hardware	iodata	whg-ac1750	-	No
Operating System	iodata	whg-ac1750al_firmware	≤ 1.07	Yes
Hardware	iodata	whg-ac1750al	-	No
Operating System	iodata	wn-ax1167gr_firmware	≤ 3.11	Yes
Hardware	iodata	wn-ax1167gr	-	No
Operating System	iodata	wn-gx300gr_firmware	≤ 2.00	Yes
Hardware	iodata	wn-gx300gr	-	No
Operating System	iodata	wnpr2600g_firmware	≤ 1.01	Yes
Hardware	iodata	wnpr2600g	-	No
Operating System	iodata	wnpr1750g_firmware	≤ 1.01	Yes
Hardware	iodata	wnpr1750g	-	No
Operating System	iodata	wnpr1167g_firmware	≤ 1.00	Yes
Hardware	iodata	wnpr1167g	-	No
Operating System	iodata	wnpr1167f_firmware	≤ 1.00	Yes
Hardware	iodata	wnpr1167f	-	No
Operating System	iodata	wn-ag750dgr_firmware	≤ 1.08	Yes
Hardware	iodata	wn-ag750dgr	-	No
Operating System	iodata	wn-g300r_firmware	≤ 1.14	Yes
Hardware	iodata	wn-g300r	-	No
Operating System	iodata	wn-g300r3_firmware	≤ 1.04	Yes
Hardware	iodata	wn-g300r3	-	No
Operating System	iodata	wn-ag300dgr_firmware	≤ 1.05	Yes
Hardware	iodata	wn-ag300dgr	-	No
Operating System	iodata	wn-ac1600dgr_firmware	≤ 2.06	Yes
Hardware	iodata	wn-ac1600dgr	-	No
Operating System	iodata	wn-ac1167dgr_firmware	≤ 1.02	Yes
Hardware	iodata	wn-ac1167dgr	-	No
Operating System	iodata	wn-g300ex_firmware	≤ 1.01	Yes
Hardware	iodata	wn-g300ex	-	No
Operating System	iodata	wn-ac1300ex_firmware	≤ 1.02	Yes
Hardware	iodata	wn-ac1300ex	-	No
Operating System	iodata	wn-ac583trk_firmware	≤ 1.05	Yes
Hardware	iodata	wn-ac583trk	-	No
Operating System	iodata	wn-ac583rk_firmware	≤ 1.06	Yes
Hardware	iodata	wn-ac583rk	-	No
Operating System	iodata	wn-g300sr_firmware	≤ 1.00	Yes
Hardware	iodata	wn-g300sr	-	No
Operating System	iodata	bx-vp1_firmware	≤ 2.01	Yes
Hardware	iodata	bx-vp1	-	No
Operating System	iodata	gv-ntx1_firmware	≤ 1.02.00	Yes
Hardware	iodata	gv-ntx1	-	No
Operating System	iodata	gv-ntx2_firmware	≤ 1.02.00	Yes
Hardware	iodata	gv-ntx2	-	No

References

http://www.iodata.jp/support/information/2018/magicalfinder/ Vendor Advisory ([email protected])
https://jvn.jp/en/jp/JVN36048131/index.html Third Party Advisory, VDB Entry ([email protected])
http://www.iodata.jp/support/information/2018/magicalfinder/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://jvn.jp/en/jp/JVN36048131/index.html Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)