CVE-2017-2237

🗓️ 07 Jul 2017 13:00:00Reported by jpcertType

Toshiba Home Gateway firmware allows arbitrary OS command executio

Reporter	Title	Published	Views	Family All 8
BDU FSTEC	The vulnerability of the built-in microprogramming software in Toshiba HEM-GW16A and Toshiba HEM-GW26A home routers exists due to the failure to take measures to neutralize certain components. This vulnerability allows attackers to execute arbitrary commands.	22 Sep 201700:00	–	bdu_fstec
CNVD	Toshiba Home gateway HEM-GW16A firmware OS command injection vulnerability	28 Jun 201700:00	–	cnvd
CVE	CVE-2017-2237	7 Jul 201713:00	–	cve
EUVD	EUVD-2017-11420	7 Oct 202500:30	–	euvd
Japan Vulnerability Notes	JVN#85901441: Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway	27 Jun 201700:00	–	jvn
Japan Vulnerability Notes	OS command injection vulnerability in Toshiba Lighting & Technology Corporation Home gateway	28 Jun 201701:28	–	jvn
NVD	CVE-2017-2237	7 Jul 201713:29	–	nvd
Prion	Design/Logic Flaw	7 Jul 201713:29	–	prion

[
  {
    "product": "Toshiba Home gateway HEM-GW16A",
    "vendor": "Toshiba Lighting & Technology Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "firmware HEM-GW16A-FW-V1.2.0 and earlier"
      }
    ]
  },
  {
    "product": "Toshiba Home gateway HEM-GW26A",
    "vendor": "Toshiba Lighting & Technology Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "firmware HEM-GW26A-FW-V1.2.0 and earlier"
      }
    ]
  }
]

Source	Link
jvn	www.jvn.jp/en/jp/JVN85901441/index.html

07 Jul 2017 12:57Current

9.8High risk

Vulners AI Score9.8

EPSS0.00424