Lucene search

JpcertCVE-2018-0512

HistoryFeb 08, 2018 - 2:29 p.m.

CVE-2018-0512

2018-02-0814:29:00

CWE-78

jpcert

web.nvd.nist.gov

cve-2018-0512

magicalfinder

i-o data device

inc.

authenticated attackers

arbitrary os commands

CVSS2

7.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:C/I:C/A:C

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

High

EPSS

Percentile

13.1%

JSON

Devices with IP address setting tool “MagicalFinder” provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Affected configurations

Nvd

Node

iodatahdl-xr_firmwareRange≤2.01

AND

iodatahdl-xrMatch-

Node

iodatahdl-xrw_firmwareRange≤2.01

AND

iodatahdl-xrwMatch-

Node

iodatahdl-xr2u_firmwareRange≤2.01

AND

iodatahdl-xr2uMatch-

Node

iodatahdl-xr2uw_firmwareRange≤2.01

AND

iodatahdl-xr2uwMatch-

Node

iodatahdl-xv_firmwareRange≤1.50

AND

iodatahdl-xvMatch-

Node

iodatahdl-xvw_firmwareRange≤1.50

AND

iodatahdl-xvwMatch-

Node

iodatahdl-gt_firmwareRange≤1.37

AND

iodatahdl-gtMatch-

Node

iodatahdl-gtr_firmwareRange≤1.37

AND

iodatahdl-gtrMatch-

Node

iodatahdl-a_firmwareRange≤1.26

AND

iodatahdl-aMatch-

Node

iodatahdl-ah_firmwareRange≤1.26

AND

iodatahdl-ahMatch-

Node

iodatahdl2-a_firmwareRange≤1.26

AND

iodatahdl2-aMatch-

Node

iodatahdl2-ah_firmwareRange≤1.26

AND

iodatahdl2-ahMatch-

Node

iodatahdl-t_firmwareRange≤1.12

AND

iodatahdl-tMatch-

Node

iodatahls-c_firmwareRange≤1.12

AND

iodatahls-cMatch-

Node

iodatahvl-a_firmwareRange≤2.04

AND

iodatahvl-aMatch-

Node

iodatahvl-at_firmwareRange≤2.04

AND

iodatahvl-atMatch-

Node

iodatahvl-ata_firmwareRange≤2.04

AND

iodatahvl-ataMatch-

Node

iodatahvl-s_firmwareRange≤1.00

AND

iodatahvl-sMatch-

Node

iodatahfas1_firmwareRange≤1.40

AND

iodatahfas1Match-

Node

iodatawhg-napg_firmwareRange≤1.08

AND

iodatawhg-napgMatch-

Node

iodatawhg-napga_firmwareRange≤1.08

AND

iodatawhg-napgaMatch-

Node

iodatawhg-napgal_firmwareRange≤1.05

AND

iodatawhg-napgalMatch-

Node

iodatawhg-ac1750a_firmwareRange≤3.00

AND

iodatawhg-ac1750aMatch-

Node

iodatawhg-ac1750_firmwareRange≤1.07

AND

iodatawhg-ac1750Match-

Node

iodatawhg-ac1750al_firmwareRange≤1.07

AND

iodatawhg-ac1750alMatch-

Node

iodatawn-ax1167gr_firmwareRange≤3.11

AND

iodatawn-ax1167grMatch-

Node

iodatawn-gx300gr_firmwareRange≤2.00

AND

iodatawn-gx300grMatch-

Node

iodatawnpr2600g_firmwareRange≤1.01

AND

iodatawnpr2600gMatch-

Node

iodatawnpr1750g_firmwareRange≤1.01

AND

iodatawnpr1750gMatch-

Node

iodatawnpr1167g_firmwareRange≤1.00

AND

iodatawnpr1167gMatch-

Node

iodatawnpr1167f_firmwareRange≤1.00

AND

iodatawnpr1167fMatch-

Node

iodatawn-ag750dgr_firmwareRange≤1.08

AND

iodatawn-ag750dgrMatch-

Node

iodatawn-g300r_firmwareRange≤1.14

AND

iodatawn-g300rMatch-

Node

iodatawn-g300r3_firmwareRange≤1.04

AND

iodatawn-g300r3Match-

Node

iodatawn-ag300dgr_firmwareRange≤1.05

AND

iodatawn-ag300dgrMatch-

Node

iodatawn-ac1600dgr_firmwareRange≤2.06

AND

iodatawn-ac1600dgrMatch-

Node

iodatawn-ac1167dgr_firmwareRange≤1.02

AND

iodatawn-ac1167dgrMatch-

Node

iodatawn-g300ex_firmwareRange≤1.01

AND

iodatawn-g300exMatch-

Node

iodatawn-ac1300ex_firmwareRange≤1.02

AND

iodatawn-ac1300exMatch-

Node

iodatawn-ac583trk_firmwareRange≤1.05

AND

iodatawn-ac583trkMatch-

Node

iodatawn-ac583rk_firmwareRange≤1.06

AND

iodatawn-ac583rkMatch-

Node

iodatawn-g300sr_firmwareRange≤1.00

AND

iodatawn-g300srMatch-

Node

iodatabx-vp1_firmwareRange≤2.01

AND

iodatabx-vp1Match-

Node

iodatagv-ntx1_firmwareRange≤1.02.00

AND

iodatagv-ntx1Match-

Node

iodatagv-ntx2_firmwareRange≤1.02.00

AND

iodatagv-ntx2Match-

VendorProductVersionCPE
iodatahdl-xr_firmware*cpe:2.3:o:iodata:hdl-xr_firmware:*:*:*:*:*:*:*:*
iodatahdl-xr-cpe:2.3:h:iodata:hdl-xr:-:*:*:*:*:*:*:*
iodatahdl-xrw_firmware*cpe:2.3:o:iodata:hdl-xrw_firmware:*:*:*:*:*:*:*:*
iodatahdl-xrw-cpe:2.3:h:iodata:hdl-xrw:-:*:*:*:*:*:*:*
iodatahdl-xr2u_firmware*cpe:2.3:o:iodata:hdl-xr2u_firmware:*:*:*:*:*:*:*:*
iodatahdl-xr2u-cpe:2.3:h:iodata:hdl-xr2u:-:*:*:*:*:*:*:*
iodatahdl-xr2uw_firmware*cpe:2.3:o:iodata:hdl-xr2uw_firmware:*:*:*:*:*:*:*:*
iodatahdl-xr2uw-cpe:2.3:h:iodata:hdl-xr2uw:-:*:*:*:*:*:*:*
iodatahdl-xv_firmware*cpe:2.3:o:iodata:hdl-xv_firmware:*:*:*:*:*:*:*:*
iodatahdl-xv-cpe:2.3:h:iodata:hdl-xv:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
iodata	hdl-xr_firmware	*	cpe:2.3:o:iodata:hdl-xr_firmware::::::::
iodata	hdl-xr	-	cpe:2.3:h:iodata:hdl-xr:-:::::::*
iodata	hdl-xrw_firmware	*	cpe:2.3:o:iodata:hdl-xrw_firmware::::::::
iodata	hdl-xrw	-	cpe:2.3:h:iodata:hdl-xrw:-:::::::*
iodata	hdl-xr2u_firmware	*	cpe:2.3:o:iodata:hdl-xr2u_firmware::::::::
iodata	hdl-xr2u	-	cpe:2.3:h:iodata:hdl-xr2u:-:::::::*
iodata	hdl-xr2uw_firmware	*	cpe:2.3:o:iodata:hdl-xr2uw_firmware::::::::
iodata	hdl-xr2uw	-	cpe:2.3:h:iodata:hdl-xr2uw:-:::::::*
iodata	hdl-xv_firmware	*	cpe:2.3:o:iodata:hdl-xv_firmware::::::::
iodata	hdl-xv	-	cpe:2.3:h:iodata:hdl-xv:-:::::::*

Rows per page:

1-10 of 901

CNA Affected

[
  {
    "product": "IP address setting tool \"MagicalFinder\"",
    "vendor": "I-O DATA DEVICE, INC.",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  }
]

References

www.iodata.jp/support/information/2018/magicalfinder/

jvn.jp/en/jp/JVN36048131/index.html

CVSS2

7.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:C/I:C/A:C

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

High

EPSS

Percentile

13.1%

JSON

Related for CVE-2018-0512