JVN#65411235: Multiple I-O DATA network camera products vulnerable to cross-site request forgery

2017-06-20T00:00:00
ID JVN:65411235
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-06-20T00:00:00

Description

## Description

Multiple network camera products provided by I-O DATA DEVICE, INC. contains a cross-site request forgery vulnerability (CWE-352).

## Impact

If a user views a malicious page while logged in, unintended operations may be performed.

## Solution

Update the Firmware
Apply the appropriate firmware update provided by the developer.

## Products Affected

  • TS-WPTCAM firmware version 1.19 and earlier
  • TS-WPTCAM2 firmware version 1.01 and earlier
  • TS-PTCAM firmware version 1.19 and earlier
  • TS-PTCAM/POE firmware version 1.19 and earlier
  • TS-WLC2 firmware version 1.19 and earlier
  • TS-WLCE firmware version 1.19 and earlier
  • TS-WRLC firmware version 1.19 and earlier