170 matches found
Hardcoded credentials
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands...
Cross site scripting
Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-16201
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands...
CVE-2018-16198
CVE-2018-16198 affects Toshiba Home gateway HEM-GW16A and HEM-GW26A (firmware 1.2.9 and earlier). The issue is described as hidden functionality (CWE-912) that allows an attacker on the same network segment to access a non-documented developer screen and perform operations on the device. NVD note...
CVE-2018-16198
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...
CVE-2018-16197
The CVE-2018-16197 issue affects Toshiba Home gateway models HEM-GW16A and HEM-GW26A (firmware versions 1.2.9 and earlier). Affected component: gateway firmware with improper access control (CWE-284) that enables an attacker on the same network segment to bypass access restrictions and access inf...
CVE-2018-16201
The CVE-2018-16201 issue affects Toshiba Home gateway models HEM-GW16A and HEM-GW26A (firmware 1.2.9 and earlier). It stems from hard-coded credentials, potentially allowing an attacker on the same network segment to log into the administrator settings screen and, from there, change configuration...
CVE-2018-16200
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands...
CVE-2018-16199
CVE-2018-16199 is a cross-site scripting vulnerability affecting Toshiba Home gateway models HEM-GW16A and HEM-GW26A (versions 1.2.9 and earlier). The connected documents confirm an XSS issue in the device’s web interface (CWE-79) that can cause a user’s browser to execute arbitrary scripts via u...
CVE-2018-16200
CVE-2018-16200 affects Toshiba Home gateway HEM-GW16A and HEM-GW26A with firmware versions 1.2.9 and earlier. The provided documents indicate an OS command injection vulnerability that allows an attacker on the same network segment to execute arbitrary OS commands on the affected device. The root...
CVE-2018-16199
Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-16197
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device...
TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A Access Control Error Vulnerabilities
TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A are both home gateway products from Toshiba Japan. An access control error vulnerability exists in TOSHIBA Home Gateway HEM-GW26A version 1.2.9 and earlier and TOSHIBA Home Gateway version 1.2.9 and earlier, which can be exploited ...
TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A Cross-Site Scripting Vulnerabilities
TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A are both home gateway products from Toshiba Japan. A cross-site scripting vulnerability exists in TOSHIBA Home Gateway HEM-GW26A version 1.2.9 and earlier and TOSHIBA Home HEM-GW16A version 1.2.9 and earlier, which can be exploited...
TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A Operating System Command Injection Vulnerability
TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A are both home gateway products from Toshiba Japan. An operating system command injection vulnerability exists in TOSHIBA Home Gateway HEM-GW26A version 1.2.9 and earlier and TOSHIBA Home Gateway HEM-GW16A version 1.2.9 and earlier,...
JVN#99810718: Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway
Home gateway provided by Toshiba Lighting & Technology Corporation contains multiple vulnerabilities listed below. Improper access control CWE-284 - CVE-2018-16197 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L| Base Score: 6.3 CVSS v2|...
GPON ONT Home Gateway Router is vulnerable to authentication bypass (CVE-2018-10561)
Binary data gponcve-2018-10561.nbin...
GPON ONT Home Gateway Router Detection
Binary data gponrouterdetect.nbin...
ZTE Home Gateway ZXHN H168N 2.2 Access Control Bypass Vulnerability
ZTE Home Gateway ZXHN H168N suffers from multiple access bypass and information disclosure vulnerabilities. POC: CVE-2018-7357 and CVE-2018-7358 Disclaimer: This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post +...
ZTE Home Gateway ZXHN H168N 2.2 Access Control Bypass
POC: CVE-2018-7357 and CVE-2018-7358 Disclaimer: This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post + Unauthenticated + Author: Usman Saeed usman at xc0re.net + Protocol: UPnP + Affected Harware/Software: Model name: ZXH...