high
7.7
CWE
78 77
Advisory Published
Updated

CVE-2018-0512: OS Command Injection

First published: Thu Feb 08 2018(Updated: )

Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Credit: vultures@jpcert.or.jp

Affected SoftwareAffected VersionHow to fix
Iodata Hdl-xr Firmware<=2.01
Iodata Hdl-xr Firmware
Iodata Hdl-xrw<=2.01
Iodata Hdl-xrw Firmware
Iodata Hdl-xr2u<=2.01
Iodata Hdl-xr2u Firmware
Iodata Hdl-xr2uw<=2.01
Iodata Hdl-xr Firmware
Iodata Hdl-xv Firmware<=1.50
Iodata Hdl-xv Firmware
Iodata Hdl-xvw Firmware<=1.50
Iodata Hdl-xvw Firmware
Iodata Hdl-gt<=1.37
Iodata Hdl-gt Firmware
Iodata HDL-GTR Firmware<=1.37
Iodata Hdl-gtr Firmware
Iodata Hdl-a/e<=1.26
Iodata Hdl-a Firmware
Iodata Hdl-ah Firmware<=1.26
Iodata Hdl-ah Firmware
Iodata Hdl2-a<=1.26
Iodata Hdl2-a Firmware
Iodata Hdl2-ah Firmware<=1.26
Iodata Hdl2-ah Firmware
Iodata Hdl-t Firmware<=1.12
Iodata Hdl-t Firmware
Iodata Hls-c<=1.12
Iodata Hls-c Firmware
Iodata HVL-A Firmware<=2.04
Iodata Hvl-a
Iodata HVL-AT Firmware<=2.04
Iodata Hvl-at
Iodata HVL-ATA Firmware<=2.04
Iodata HVL-ATA Firmware
Iodata Hvl-s Firmware<=1.00
Iodata Hvl-s Firmware
Iodata Hfas1<=1.40
Iodata Hfas1 Firmware
Iodata WHG-NAPG<=1.08
Iodata WHG-NAPGA
Iodata WHG-NAPGA<=1.08
Iodata WHG-NAPGA Firmware
Iodata WHG-NAPGAL<=1.05
Iodata WHG-NAPGAL Firmware
Iodata WHG-AC1750 Firmware<=3.00
Iodata WHG-AC1750 Firmware
Iodata WHG-AC1750 Firmware<=1.07
Iodata WHG-AC1750A
Iodata WHG-AC1750AL<=1.07
Iodata WHG-AC1750AL Firmware
Iodata WN-AX1167GR<=3.11
Iodata WN-AX1167GR Firmware
Iodata Wn-gx300gr Firmware<=2.00
Iodata Wn-gx300gr Firmware
Iodata WN-PR2600G Firmware<=1.01
Iodata WN-PR2600G
Iodata Wnpr1750g Firmware<=1.01
Iodata Wnpr1750g Firmware
Iodata WN-PR1167F Firmware<=1.00
Iodata Wnpr1167g Firmware
Iodata WN-PR1167F Firmware<=1.00
Iodata WN-PR1167F
Iodata Wn-ag750dgr Firmware<=1.08
Iodata Wn-ag750dgr Firmware
Iodata WN-G300R<=1.14
Iodata WN-G300R2
Iodata Wn-g300r3<=1.04
Iodata Wn-g300r3 Firmware
Iodata Wn-ag300dgr<=1.05
Iodata Wn-ag300dgr Firmware
Iodata WN-AC1600DGR<=2.06
Iodata Wn-ac1600dgr Firmware
Iodata WN-AC1167DGR<=1.02
Iodata WN-AC1167DGR
Iodata WN-G300EX<=1.01
Iodata WN-G300EX Firmware
Iodata WN-AC1300EX<=1.02
Iodata WN-AC1300EX
Iodata WN-AC583TRK<=1.05
Iodata WN-AC583TRK
Iodata WN-AC583RK<=1.06
Iodata WN-AC583RK
Iodata WN-G300SR<=1.00
Iodata WN-G300SR
Iodata Bx-vp1 Firmware<=2.01
Iodata Bx-vp1 Firmware
Iodata Gv-ntx1<=1.02.00
Iodata Gv-ntx1 Firmware
Iodata Gv-ntx2 Firmware<=1.02.00
Iodata Gv-ntx2 Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2018-0512 vulnerability about?

    The vulnerability allows authenticated attackers to execute arbitrary OS commands via unspecified vectors in devices using MagicalFinder provided by I-O DATA DEVICE, INC.

  • What is the severity level of CVE-2018-0512?

    The severity level of CVE-2018-0512 is rated as high with a CVSS score of 6.8.

  • How can I fix the CVE-2018-0512 vulnerability?

    To fix the CVE-2018-0512 vulnerability, it is recommended to apply the security patches provided by I-O DATA DEVICE, INC.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203