CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
39.0%
Cross-site scripting vulnerability in Wi-Fi STATION SH-52A (38JP_1_11G, 38JP_1_11J, 38JP_1_11K, 38JP_1_11L, 38JP_1_26F, 38JP_1_26G, 38JP_1_26J, 38JP_2_03B, and 38JP_2_03C) allows a remote unauthenticated attacker to inject an arbitrary script via WebUI of the device.
Vendor | Product | Version | CPE |
---|---|---|---|
nttdocomo | wi-fi_station_sh-52a | - | cpe:2.3:h:nttdocomo:wi-fi_station_sh-52a:-:*:*:*:*:*:*:* |
nttdocomo | wi-fi_station_sh-52a_firmware | 38jp_1_11g | cpe:2.3:o:nttdocomo:wi-fi_station_sh-52a_firmware:38jp_1_11g:*:*:*:*:*:*:* |
nttdocomo | wi-fi_station_sh-52a_firmware | 38jp_1_11j | cpe:2.3:o:nttdocomo:wi-fi_station_sh-52a_firmware:38jp_1_11j:*:*:*:*:*:*:* |
nttdocomo | wi-fi_station_sh-52a_firmware | 38jp_1_11k | cpe:2.3:o:nttdocomo:wi-fi_station_sh-52a_firmware:38jp_1_11k:*:*:*:*:*:*:* |
nttdocomo | wi-fi_station_sh-52a_firmware | 38jp_1_11l | cpe:2.3:o:nttdocomo:wi-fi_station_sh-52a_firmware:38jp_1_11l:*:*:*:*:*:*:* |
nttdocomo | wi-fi_station_sh-52a_firmware | 38jp_1_26f | cpe:2.3:o:nttdocomo:wi-fi_station_sh-52a_firmware:38jp_1_26f:*:*:*:*:*:*:* |
nttdocomo | wi-fi_station_sh-52a_firmware | 38jp_1_26g | cpe:2.3:o:nttdocomo:wi-fi_station_sh-52a_firmware:38jp_1_26g:*:*:*:*:*:*:* |
nttdocomo | wi-fi_station_sh-52a_firmware | 38jp_1_26j | cpe:2.3:o:nttdocomo:wi-fi_station_sh-52a_firmware:38jp_1_26j:*:*:*:*:*:*:* |
nttdocomo | wi-fi_station_sh-52a_firmware | 38jp_2_03b | cpe:2.3:o:nttdocomo:wi-fi_station_sh-52a_firmware:38jp_2_03b:*:*:*:*:*:*:* |
nttdocomo | wi-fi_station_sh-52a_firmware | 38jp_2_03c | cpe:2.3:o:nttdocomo:wi-fi_station_sh-52a_firmware:38jp_2_03c:*:*:*:*:*:*:* |
[
{
"product": "Wi-Fi STATION SH-52A",
"vendor": "NTT DOCOMO, INC.",
"versions": [
{
"status": "affected",
"version": "38JP_1_11G, 38JP_1_11J, 38JP_1_11K, 38JP_1_11L, 38JP_1_26F, 38JP_1_26G, 38JP_1_26J, 38JP_2_03B, and 38JP_2_03C"
}
]
}
]
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
39.0%