CVE-2018-0661

Summary

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.

Affected Software

VendorProductVersion RangeStatus
I-O DATA DEVICE, INC.Multiple I-O DATA network camera products(TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier)affected

Weaknesses

  • Fails to restrict access

ADP Enrichment

CVE Program Container

Additional References

References