Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecifie...
5.4CVSS
5AI Score
0.001EPSS
WN-G300R3 firmware 1.03 and earlier allows attackers with administrator rights to execute arbitrary OS commands via unspecified vectors.
7.2CVSS
7.8AI Score
0.001EPSS
Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
9.8CVSS
9.8AI Score
0.005EPSS
WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.
8CVSS
8.1AI Score
0.0004EPSS
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.
6.8CVSS
6.8AI Score
0.0004EPSS