Panasonic: Security Vulnerabilities
The Panasonic Eluga Ray 600 Android device with a build fingerprint of Panasonic/ELUGA_Ray_600/ELUGA_Ray_600:8.1.0/O11019/1532692680:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-14
SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-09-12
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution.
CVSS Score
7.8
EPSS Score
0.017
Published
2019-06-07
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.
CVSS Score
7.8
EPSS Score
0.007
Published
2019-06-07
An unquoted search path vulnerability in some pre-installed applications on Panasonic PC run on Windows 7 (32bit), Windows 7 (64bit), Windows 8 (64bit), Windows 8.1 (64bit), Windows 10 (64bit) delivered in or later than October 2009 allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.
CVSS Score
7.8
EPSS Score
0.004
Published
2019-01-09
BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypass authentication to access to the management screen and execute an arbitrary command via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-01-09
BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same network segment to execute arbitrary OS commands via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.003
Published
2019-01-09
Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to execute arbitrary code via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.001
Published
2019-01-09
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-10-20
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.007
Published
2017-10-20