48 matches found
CVE-2025-64444
Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker who has obtained the authentication information to log in to the management page of the product may execute an arbitrary OS...
NCP-HG100 vulnerable to OS command injection
Overview NCP-HG100 provided by Sony Network Communications Inc. and used in MANOMA service contains the following vulnerability. OS command injection CWE-78 - CVE-2025-64444 HIROKI IMAI of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
CVE-2025-64444
Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker who has obtained the authentication information to log in to the management page of the product may execute an arbitrary OS...
CVE-2025-64444
CVE-2025-64444 affects NCP-HG100 (1.4.48.16 and earlier). The issue is an OS command injection due to improper neutralization of special elements in commands, allowing a remote attacker who has authenticated access to the management page to execute arbitrary OS commands with root privileges. Red ...
EUVD-2025-186560
Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker who has obtained the authentication information to log in to the management page of the product may execute an arbitrary OS...
CVE-2025-64444
Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker who has obtained the authentication information to log in to the management page of the product may execute an arbitrary OS...
CVE-2025-64444
Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker who has obtained the authentication information to log in to the management page of the product may execute an arbitrary OS...
PT-2025-46941
Name of the Vulnerable Software and Affected Versions NCP-HG100 versions 1.4.48.16 and earlier Description An issue exists where special elements are not properly neutralized when used in operating system commands, potentially leading to OS Command Injection. A remote attacker who has valid...
Sony NCP-HG100 操作系统命令注入漏洞
The Sony NCP-HG100 is a webcam from Sony Japan. An operating system command injection vulnerability exists in Sony NCP-HG100 version 1.4.48.16 and earlier, which stems from improper neutralization of a special element and can lead to remote command execution...
EUVD-2019-2768
Malware in sbrugna...
EUVD-2018-3522
Malware in sbrugna...
ASUS SmartHome Gateway HG100, WS-101 and TS-101 Denial of Service Vulnerabilities (CNVD-2020-03056)
ASUS SmartHome Gateway HG100 and others are products of ASUS, Taiwan, China.ASUS SmartHome Gateway HG100 is a smart home central control gateway device.ASUS WS-101 is a smart switch sensor.TS-101 is a temperature/humidity sensor. A security vulnerability exists in ASUS SmartHome Gateway HG100...
ASUS SmartHome Gateway HG100, WS-101 and TS-101 Information Disclosure Vulnerabilities
ASUS SmartHome Gateway HG100 and others are products of ASUS, Taiwan, China.ASUS SmartHome Gateway HG100 is a smart home central control gateway device.ASUS WS-101 is a smart switch sensor.TS-101 is a temperature/humidity sensor. A security vulnerability exists in the ASUS SmartHome Gateway HG100...
Design/Logic Flaw
An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack...
ASUS SmartHome Gateway HG100 Denial of Service Vulnerability
ASUS SmartHome Gateway HG100 is a smart home central control gateway device from ASUS, Taiwan, China. A security vulnerability exists in the web api server on port 8080 in the ASUS SmartHome Gateway HG100 using firmware version 1.05.12 and earlier. An attacker could exploit this vulnerability to...
ASUS SmartHome Gateway HG100 Access Control Bypass Vulnerability
The ASUS SmartHome Gateway HG100 is a smart home central control gateway device. The ASUS SmartHome Gateway HG100 implementation suffers from a security vulnerability that allows a remote attacker can exploit the vulnerability to submit special requests that can bypass security restrictions and...
CVE-2019-11063
A broken access control vulnerability in SmartHome app Android versions up to 3.0.42190515, ios versions up to 2.0.22 allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway HG100 via http://target/smarthome/devicecontrol witho...
CVE-2019-11060
The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service DoS by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time...
CVE-2019-11060
The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service DoS by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time...
CVE-2019-11061
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://target/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 Confidentiality, Integrity...