6 matches found
KDDI HOME SPOT CUBE2 Security Vulnerability
KDDI HOME SPOT CUBE2 is a home wireless router from KDDI Japan. A security vulnerability exists in KDDI HOME SPOT CUBE2 version V102 and prior versions. An attacker has exploited the vulnerability to cause a denial of service on the system...
EC-CUBE 2 series vulnerable to cross-site scripting
Overview EC-CUBE 2 series provided by EC-CUBE CO.,LTD. contains a cross-site scripting vulnerability CWE-79 in "mail/template" and "products/product" of Management page. Shimamine Taihei of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to EC-CUBE CO.,LTD. and EC-CUBE CO.,LTD...
Multiple vulnerabilities in EC-CUBE 2 series
Overview EC-CUBE 2 series provided by EC-CUBE CO.,LTD. contains multiple vulnerabilities listed below. Improper access control in Management screen CWE-284 - CVE-2021-20841 Cross-site request forgery vulnerability in Management screen CWE-352 - CVE-2021-20842 EC-CUBE CO.,LTD. reported these...
CVE-2017-2185
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI...
CVE-2017-2186
HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI...
HOME SPOT CUBE vulnerable to cross-site request forgery
Overview HOME SPOT CUBE provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE contains a cross-site request forgery vulnerability. Masaki Yoshikawa of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warnin...