Lucene search

JpcertCVE-2017-2112

HistoryApr 28, 2017 - 4:59 p.m.

CVE-2017-2112

2017-04-2816:59:01

CWE-78

jpcert

web.nvd.nist.gov

cve-2017-2112

ts-wptcam

ts-wptcam2

ts-wlce

ts-wlc2

ts-wrlc

ts-ptcam

ts-ptcam/poe

firmware

remote attackers

os commands

nvd

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.006

Percentile

77.9%

JSON

TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Affected configurations

Nvd

Vulners

Node

iodatats-ptcam\/poe_firmwareRange≤1.18

AND

iodatats-ptcam\/poeMatch-

Node

iodatats-ptcam_firmwareRange≤1.18

AND

iodatats-ptcamMatch-

Node

iodatats-wrlc_firmwareRange≤1.17

AND

iodatats-wrlcMatch-

Node

iodatats-wlc2_firmwareRange≤1.18

AND

iodatats-wlc2Match-

Node

iodatats-wlce_firmwareRange≤1.18

AND

iodatats-wlceMatch-

Node

iodatats-wptcam2_firmwareMatch1.00

AND

iodatats-wptcam2Match-

Node

iodatats-wptcam_firmwareRange≤1.18

AND

iodatats-wptcamMatch-

VendorProductVersionCPE
iodatats-ptcam\/poe_firmware*cpe:2.3:o:iodata:ts-ptcam\/poe_firmware:*:*:*:*:*:*:*:*
iodatats-ptcam\/poe-cpe:2.3:h:iodata:ts-ptcam\/poe:-:*:*:*:*:*:*:*
iodatats-ptcam_firmware*cpe:2.3:o:iodata:ts-ptcam_firmware:*:*:*:*:*:*:*:*
iodatats-ptcam-cpe:2.3:h:iodata:ts-ptcam:-:*:*:*:*:*:*:*
iodatats-wrlc_firmware*cpe:2.3:o:iodata:ts-wrlc_firmware:*:*:*:*:*:*:*:*
iodatats-wrlc-cpe:2.3:h:iodata:ts-wrlc:-:*:*:*:*:*:*:*
iodatats-wlc2_firmware*cpe:2.3:o:iodata:ts-wlc2_firmware:*:*:*:*:*:*:*:*
iodatats-wlc2-cpe:2.3:h:iodata:ts-wlc2:-:*:*:*:*:*:*:*
iodatats-wlce_firmware*cpe:2.3:o:iodata:ts-wlce_firmware:*:*:*:*:*:*:*:*
iodatats-wlce-cpe:2.3:h:iodata:ts-wlce:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
iodata	ts-ptcam\/poe_firmware	*	cpe:2.3:o:iodata:ts-ptcam\/poe_firmware::::::::
iodata	ts-ptcam\/poe	-	cpe:2.3:h:iodata:ts-ptcam\/poe:-:::::::*
iodata	ts-ptcam_firmware	*	cpe:2.3:o:iodata:ts-ptcam_firmware::::::::
iodata	ts-ptcam	-	cpe:2.3:h:iodata:ts-ptcam:-:::::::*
iodata	ts-wrlc_firmware	*	cpe:2.3:o:iodata:ts-wrlc_firmware::::::::
iodata	ts-wrlc	-	cpe:2.3:h:iodata:ts-wrlc:-:::::::*
iodata	ts-wlc2_firmware	*	cpe:2.3:o:iodata:ts-wlc2_firmware::::::::
iodata	ts-wlc2	-	cpe:2.3:h:iodata:ts-wlc2:-:::::::*
iodata	ts-wlce_firmware	*	cpe:2.3:o:iodata:ts-wlce_firmware::::::::
iodata	ts-wlce	-	cpe:2.3:h:iodata:ts-wlce:-:::::::*

Rows per page:

1-10 of 141

CNA Affected

[
  {
    "product": "TS-WPTCAM",
    "vendor": "I-O DATA DEVICE, INC.",
    "versions": [
      {
        "status": "affected",
        "version": "firmware version 1.18 and earlier"
      }
    ]
  },
  {
    "product": "TS-WPTCAM2",
    "vendor": "I-O DATA DEVICE, INC.",
    "versions": [
      {
        "status": "affected",
        "version": "firmware version 1.00"
      }
    ]
  },
  {
    "product": "TS-WLCE",
    "vendor": "I-O DATA DEVICE, INC.",
    "versions": [
      {
        "status": "affected",
        "version": "firmware version 1.18 and earlier"
      }
    ]
  },
  {
    "product": "TS-WLC2",
    "vendor": "I-O DATA DEVICE, INC.",
    "versions": [
      {
        "status": "affected",
        "version": "firmware version 1.18 and earlier"
      }
    ]
  },
  {
    "product": "TS-WRLC",
    "vendor": "I-O DATA DEVICE, INC.",
    "versions": [
      {
        "status": "affected",
        "version": "firmware version 1.17 and earlier"
      }
    ]
  },
  {
    "product": "TS-PTCAM/POE",
    "vendor": "I-O DATA DEVICE, INC.",
    "versions": [
      {
        "status": "affected",
        "version": "firmware version 1.18 and earlier"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN46830433/index.html

www.iodata.jp/support/information/2017/camera201702/

www.securityfocus.com/bid/96620

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.006

Percentile

77.9%

JSON

Related for CVE-2017-2112