Filtered by vendor Iodata
Subscribe
Total
35 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4845 | 1 Iodata | 13 Hvl-a, Hvl-a2.0 Firmware, Hvl-a3.0 Firmware and 10 more | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content. | |||||
| CVE-2014-3895 | 1 Iodata | 12 Ts-ptcam\/poe Camera, Ts-ptcam\/poe Camera Firmware, Ts-ptcam Camera and 9 more | 2025-04-12 | 6.4 MEDIUM | N/A |
| The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmware 1.06 and earlier, TS-WPTCAM camera with firmware 1.08 and earlier, TS-PTCAM camera with firmware 1.08 and earlier, TS-PTCAM/POE camera with firmware 1.08 and earlier, and TS-WLC2 camera with firmware 1.02 and earlier allow remote attackers to bypass authentication, and consequently obtain sensitive credential and configuration data, via unspecified vectors. | |||||
| CVE-2015-2984 | 1 Iodata | 2 Wn-g54\/r2, Wn-g54\/r2 Firmware | 2025-04-12 | 5.0 MEDIUM | N/A |
| I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBRS routers allow remote attackers to cause a denial of service (SSDP reflection) via UPnP requests. | |||||
| CVE-2016-4821 | 1 Iodata | 2 Etx-r, Etx-r Firmware | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors. | |||||
| CVE-2016-4820 | 1 Iodata | 2 Etx-r, Etx-r Firmware | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX-R devices allows remote attackers to hijack the authentication of arbitrary users. | |||||
| CVE-2013-4712 | 1 Iodata | 7 Hdl-a\/e, Hdl-a Firmware, Hdl-ah and 4 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2013-4713 | 1 Iodata | 2 Rockdisk, Rockdisk Firmware | 2025-04-11 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2023-29805 | 1 Iodata | 4 Wfs-sr03k, Wfs-sr03k Firmware, Wfs-sr03w and 1 more | 2025-02-06 | N/A | 9.8 CRITICAL |
| WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the pro_stor_canceltrans_handler_part_19 function. | |||||
| CVE-2023-29804 | 1 Iodata | 4 Wfs-sr03k, Wfs-sr03k Firmware, Wfs-sr03w and 1 more | 2025-02-06 | N/A | 8.8 HIGH |
| WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the sys_smb_pwdmod function. | |||||
| CVE-2019-19823 | 11 Ciktel, Coship, Fg-products and 8 more | 36 Mesh Router, Mesh Router Firmware, Emta Ap and 33 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12. | |||||
| CVE-2019-19822 | 11 Ciktel, Coship, Fg-products and 8 more | 36 Mesh Router, Mesh Router Firmware, Emta Ap and 33 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12. | |||||
| CVE-2018-0663 | 1 Iodata | 6 Ts-wrla, Ts-wrla Firmware, Ts-wrlp and 3 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector. | |||||
| CVE-2018-0662 | 1 Iodata | 6 Ts-wrla, Ts-wrla Firmware, Ts-wrlp and 3 more | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to add malicious files on the device and execute arbitrary code. | |||||
| CVE-2018-0661 | 1 Iodata | 6 Ts-wrla, Ts-wrla Firmware, Ts-wrlp and 3 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration. | |||||
| CVE-2018-0512 | 1 Iodata | 90 Bx-vp1, Bx-vp1 Firmware, Gv-ntx1 and 87 more | 2024-11-21 | 7.7 HIGH | 6.8 MEDIUM |
| Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors. | |||||