Vulnerability Details CVE-2018-0661
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 8.3
References
Products affected by CVE-2018-0661
-
cpe:2.3:h:iodata:ts-wrla:-
-
cpe:2.3:h:iodata:ts-wrlp/e:-
-
cpe:2.3:h:iodata:ts-wrlp:-
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.00.01
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.01.02
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.02.03
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.03.02
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.04.00
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.05.01
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.07.34
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.07.44
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.08.14
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.09.04
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.01.02
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.02.03
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.03.02
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.04.00
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.05.01
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.07.34
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.07.44
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.08.14
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.09.04
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.00.01
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.01.02
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.02.03
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.03.02
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.04.00
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.05.01
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.07.34
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.07.44
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.08.14
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.09.04