Vulnerability Details CVE-2018-0663
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2018-0663
-
cpe:2.3:h:iodata:ts-wrla:-
-
cpe:2.3:h:iodata:ts-wrlp/e:-
-
cpe:2.3:h:iodata:ts-wrlp:-
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.00.01
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.01.02
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.02.03
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.03.02
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.04.00
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.05.01
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.07.34
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.07.44
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.08.14
-
cpe:2.3:o:iodata:ts-wrla_firmware:1.09.04
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.01.02
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.02.03
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.03.02
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.04.00
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.05.01
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.07.34
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.07.44
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.08.14
-
cpe:2.3:o:iodata:ts-wrlp/e_firmware:1.09.04
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.00.01
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.01.02
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.02.03
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.03.02
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.04.00
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.05.01
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.07.34
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.07.44
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.08.14
-
cpe:2.3:o:iodata:ts-wrlp_firmware:1.09.04