CVE-2018-0661 - OpenCVE

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:A/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Iodata	Ts-wrlp Ts-wrla Firmware Ts-wrlp\/e Firmware Ts-wrla Ts-wrlp Firmware Ts-wrlp\/e

Configuration 1 [-]

AND

cpe:2.3:o:iodata:ts-wrlp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:iodata:ts-wrlp:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:iodata:ts-wrlp\/e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:iodata:ts-wrlp\/e:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:iodata:ts-wrla_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:iodata:ts-wrla:-:*:*:*:*:*:*:*

References

Link	Resource
http://jvn.jp/en/jp/JVN83701666/index.html	Third Party Advisory
http://www.iodata.jp/support/information/2018/ts-wrlp/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2018-09-07T14:00:00

Updated: 2018-09-07T13:57:01

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0661

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-09-07T14:29:02.990

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-0661

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "Multiple I-O DATA network camera products", "vendor": "I-O DATA DEVICE, INC.", "versions": [{"status": "affected", "version": "(TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier)"}]}], "datePublic": "2018-08-07T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration."}], "problemTypes": [{"descriptions": [{"description": "Fails to restrict access", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-07T13:57:01", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.iodata.jp/support/information/2018/ts-wrlp/"}, {"name": "JVN#83701666", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN83701666/index.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2018-0661", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Multiple I-O DATA network camera products", "version": {"version_data": [{"version_value": "(TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier)"}]}}]}, "vendor_name": "I-O DATA DEVICE, INC."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Fails to restrict access"}]}]}, "references": {"reference_data": [{"name": "http://www.iodata.jp/support/information/2018/ts-wrlp/", "refsource": "CONFIRM", "url": "http://www.iodata.jp/support/information/2018/ts-wrlp/"}, {"name": "JVN#83701666", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN83701666/index.html"}]}}}}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2018-0661", "datePublished": "2018-09-07T14:00:00", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2018-09-07T13:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:iodata:ts-wrlp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "14F0E9A3-3EF6-41FD-83C6-73B1EF59FFC9", "versionEndIncluding": "1.09.04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:iodata:ts-wrlp:-:*:*:*:*:*:*:*", "matchCriteriaId": "70DEC39A-3EA3-46ED-A974-470910C15047", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:iodata:ts-wrlp\\/e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "64109D59-1440-4CC5-B883-5EC25DC6DBC7", "versionEndIncluding": "1.09.04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:iodata:ts-wrlp\\/e:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8A63749-8B87-42F4-A121-D59F177A38A0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:iodata:ts-wrla_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7797312-68E3-4593-AEA9-09F6847F0C80", "versionEndIncluding": "1.09.04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:iodata:ts-wrla:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC800D74-FB71-453E-83CF-6F83FA3503F8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration."}, {"lang": "es", "value": "M\u00faltiples productos de c\u00e1maras web I-O DATA (TS-WRLP firmware Ver.1.09.04 y anteriores, TS-WRLA firmware Ver.1.09.04 y anteriores, TS-WRLP/E firmware Ver.1.09.04 y anteriores) permiten que un atacante en el mismo segmento de red omita la restricci\u00f3n de acceso para a\u00f1adir archivos a un directorio determinado que podr\u00eda resultar en la ejecuci\u00f3n de comandos o c\u00f3digo arbitrarios del sistema operativo, as\u00ed como el filtrado o alteraci\u00f3n de informaci\u00f3n que incluye credenciales."}], "id": "CVE-2018-0661", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-07T14:29:02.990", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory"], "url": "http://jvn.jp/en/jp/JVN83701666/index.html"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "http://www.iodata.jp/support/information/2018/ts-wrlp/"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}