CVE-2017-2235

2017-07-0713:00:00

jpcert

www.cve.org

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.6%

JSON

Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to bypass access restriction to change the administrator account password via unspecified vectors.

CNA Affected

[
  {
    "product": "Toshiba Home gateway HEM-GW16A",
    "vendor": "Toshiba Lighting & Technology Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "firmware HEM-GW16A-FW-V1.2.0 and earlier"
      }
    ]
  },
  {
    "product": "Toshiba Home gateway HEM-GW26A",
    "vendor": "Toshiba Lighting & Technology Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "firmware HEM-GW26A-FW-V1.2.0 and earlier"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN85901441/index.html