CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-16199

Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://www.tlt.co.jp/tlt/information/seihin/notice/defect/20181219/20181219.htm
https://jvn.jp/en/jp/JVN99810718/index.html
http://www.tlt.co.jp/tlt/information/seihin/notice/defect/20181219/20181219.htm
https://jvn.jp/en/jp/JVN99810718/index.html

Products affected by CVE-2018-16199

Toshiba » Hem-Gw16a » Version: N/A

cpe:2.3:h:toshiba:hem-gw16a:-
Toshiba » Hem-Gw26a » Version: N/A

cpe:2.3:h:toshiba:hem-gw26a:-
Toshiba » Hem-Gw16a Firmware » Version: 1.2.0

cpe:2.3:o:toshiba:hem-gw16a_firmware:1.2.0
Toshiba » Hem-Gw16a Firmware » Version: 1.2.9

cpe:2.3:o:toshiba:hem-gw16a_firmware:1.2.9
Toshiba » Hem-Gw26a Firmware » Version: 1.2.0

cpe:2.3:o:toshiba:hem-gw26a_firmware:1.2.0
Toshiba » Hem-Gw26a Firmware » Version: 1.2.9

cpe:2.3:o:toshiba:hem-gw26a_firmware:1.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-16199

Products

Pricing

Contact Us