KDDI HOME SPOT CUBE2 is a home wireless router from KDDI Japan. KDDI HOME SPOT CUBE2 is vulnerable to an operating system command injection vulnerability, which stems from data received from a DHCP server not being processed properly. An attacker could use this vulnerability to execute arbitrary operating system commands on the product.