Lucene search
+L

170 matches found

prion
prion
added 2019/01/09 11:29 p.m.18 views

Hardcoded credentials

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands...

8.3CVSS8.8AI score0.00602EPSS
Exploits0References2Affected Software2
prion
prion
added 2019/01/09 11:29 p.m.17 views

Cross site scripting

Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.4AI score0.00788EPSS
Exploits0References2Affected Software2
cvelist
cvelist
added 2019/01/09 10:0 p.m.19 views

CVE-2018-16201

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands...

8.9AI score0.00602EPSS
Exploits0References2
cve
cve
added 2019/01/09 10:0 p.m.52 views

CVE-2018-16198

CVE-2018-16198 affects Toshiba Home gateway HEM-GW16A and HEM-GW26A (firmware 1.2.9 and earlier). The issue is described as hidden functionality (CWE-912) that allows an attacker on the same network segment to access a non-documented developer screen and perform operations on the device. NVD note...

8.8CVSS8.6AI score0.0047EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2019/01/09 10:0 p.m.36 views

CVE-2018-16198

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...

8.7AI score0.0047EPSS
Exploits0References2
cve
cve
added 2019/01/09 10:0 p.m.46 views

CVE-2018-16197

The CVE-2018-16197 issue affects Toshiba Home gateway models HEM-GW16A and HEM-GW26A (firmware versions 1.2.9 and earlier). Affected component: gateway firmware with improper access control (CWE-284) that enables an attacker on the same network segment to bypass access restrictions and access inf...

6.5CVSS6.8AI score0.00503EPSS
Exploits0References2Affected Software1
cve
cve
added 2019/01/09 10:0 p.m.48 views

CVE-2018-16201

The CVE-2018-16201 issue affects Toshiba Home gateway models HEM-GW16A and HEM-GW26A (firmware 1.2.9 and earlier). It stems from hard-coded credentials, potentially allowing an attacker on the same network segment to log into the administrator settings screen and, from there, change configuration...

8.8CVSS8.8AI score0.00602EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2019/01/09 10:0 p.m.19 views

CVE-2018-16200

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands...

8.9AI score0.0065EPSS
Exploits0References2
cve
cve
added 2019/01/09 10:0 p.m.48 views

CVE-2018-16199

CVE-2018-16199 is a cross-site scripting vulnerability affecting Toshiba Home gateway models HEM-GW16A and HEM-GW26A (versions 1.2.9 and earlier). The connected documents confirm an XSS issue in the device’s web interface (CWE-79) that can cause a user’s browser to execute arbitrary scripts via u...

6.1CVSS6.3AI score0.00788EPSS
Exploits0References2Affected Software1
cve
cve
added 2019/01/09 10:0 p.m.45 views

CVE-2018-16200

CVE-2018-16200 affects Toshiba Home gateway HEM-GW16A and HEM-GW26A with firmware versions 1.2.9 and earlier. The provided documents indicate an OS command injection vulnerability that allows an attacker on the same network segment to execute arbitrary OS commands on the affected device. The root...

8.8CVSS8.8AI score0.0065EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2019/01/09 10:0 p.m.17 views

CVE-2018-16199

Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors...

6.5AI score0.00788EPSS
Exploits0References2
cvelist
cvelist
added 2019/01/09 10:0 p.m.18 views

CVE-2018-16197

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device...

7AI score0.00503EPSS
Exploits0References2
cnvd
cnvd
added 2018/12/21 12:0 a.m.3 views

TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A Access Control Error Vulnerabilities

TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A are both home gateway products from Toshiba Japan. An access control error vulnerability exists in TOSHIBA Home Gateway HEM-GW26A version 1.2.9 and earlier and TOSHIBA Home Gateway version 1.2.9 and earlier, which can be exploited ...

6.5CVSS6.5AI score0.00503EPSS
Exploits0References1
cnvd
cnvd
added 2018/12/21 12:0 a.m.3 views

TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A Cross-Site Scripting Vulnerabilities

TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A are both home gateway products from Toshiba Japan. A cross-site scripting vulnerability exists in TOSHIBA Home Gateway HEM-GW26A version 1.2.9 and earlier and TOSHIBA Home HEM-GW16A version 1.2.9 and earlier, which can be exploited...

6.1CVSS6.6AI score0.00788EPSS
Exploits0References1
cnvd
cnvd
added 2018/12/21 12:0 a.m.3 views

TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A Operating System Command Injection Vulnerability

TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A are both home gateway products from Toshiba Japan. An operating system command injection vulnerability exists in TOSHIBA Home Gateway HEM-GW26A version 1.2.9 and earlier and TOSHIBA Home Gateway HEM-GW16A version 1.2.9 and earlier,...

8.8CVSS8.2AI score0.0065EPSS
Exploits0References1
jvn
jvn
added 2018/12/19 12:0 a.m.109 views

JVN#99810718: Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway

Home gateway provided by Toshiba Lighting & Technology Corporation contains multiple vulnerabilities listed below. Improper access control CWE-284 - CVE-2018-16197 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L| Base Score: 6.3 CVSS v2|...

8.8CVSS8.1AI score0.00788EPSS
Exploits0
nessus
nessus
added 2018/12/19 12:0 a.m.983 views

GPON ONT Home Gateway Router is vulnerable to authentication bypass (CVE-2018-10561)

Binary data gponcve-2018-10561.nbin...

9.8CVSS9.8AI score0.92887EPSS
Exploits7References2
nessus
nessus
added 2018/12/19 12:0 a.m.33 views

GPON ONT Home Gateway Router Detection

Binary data gponrouterdetect.nbin...

7.3AI score
Exploits0
zdt
zdt
added 2018/12/11 12:0 a.m.92 views

ZTE Home Gateway ZXHN H168N 2.2 Access Control Bypass Vulnerability

ZTE Home Gateway ZXHN H168N suffers from multiple access bypass and information disclosure vulnerabilities. POC: CVE-2018-7357 and CVE-2018-7358 Disclaimer: This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post +...

6.7AI score0.89645EPSS
Exploits6
packetstorm
packetstorm
added 2018/12/11 12:0 a.m.1716 views

ZTE Home Gateway ZXHN H168N 2.2 Access Control Bypass

POC: CVE-2018-7357 and CVE-2018-7358 Disclaimer: This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post + Unauthenticated + Author: Usman Saeed usman at xc0re.net + Protocol: UPnP + Affected Harware/Software: Model name: ZXH...

0.5AI score0.89645EPSS
Exploits6
Rows per page
Query Builder