Lucene search

Wn-G300R3 Firmware Security Vulnerabilities

cve

CVE-2016-1207

Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecifie...

5.4CVSS

5AI Score

0.001EPSS

2016-05-14 04:59 PM

cve

CVE-2017-2141

WN-G300R3 firmware 1.03 and earlier allows attackers with administrator rights to execute arbitrary OS commands via unspecified vectors.

7.2CVSS

7.8AI Score

0.001EPSS

2017-04-28 04:59 PM

cve

CVE-2017-2142

Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

9.8CVSS

9.8AI Score

0.005EPSS

2017-04-28 04:59 PM

cve

CVE-2017-2283

WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.

8CVSS

8.1AI Score

0.0004EPSS

2017-08-02 04:29 PM

cve

CVE-2018-0512

Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.

6.8CVSS

6.8AI Score

0.0004EPSS

2018-02-08 02:29 PM