Design/Logic Flaw

2018-09-0714:29:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.5%

JSON

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.

CPENameOperatorVersion
ts-wrla_firmwarele1.09.04
ts-wrlp\\/e_firmwarele1.09.04
ts-wrlp_firmwarele1.09.04

Name	Operator	Version
ts-wrla_firmware	le	1.09.04
ts-wrlp\\/e_firmware	le	1.09.04
ts-wrlp_firmware	le	1.09.04

References

jvn.jp/en/jp/JVN83701666/index.html

www.iodata.jp/support/information/2018/ts-wrlp/