7.7
CWE
78 77
Advisory Published
Updated

CVE-2018-0512: OS Command Injection

First published: Thu Feb 08 2018(Updated: )

Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Credit: vultures@jpcert.or.jp

Affected SoftwareAffected VersionHow to fix
Iodata Hdl-xr Firmware<=2.01
Iodata Hdl-xr
Iodata Hdl-xrw Firmware<=2.01
Iodata Hdl-xrw
Iodata Hdl-xr2u Firmware<=2.01
Iodata Hdl-xr2u
Iodata Hdl-xr2uw Firmware<=2.01
Iodata Hdl-xr2uw
Iodata Hdl-xv Firmware<=1.50
Iodata Hdl-xv
Iodata Hdl-xvw Firmware<=1.50
Iodata Hdl-xvw
Iodata Hdl-gt Firmware<=1.37
Iodata Hdl-gt
Iodata Hdl-gtr Firmware<=1.37
Iodata Hdl-gtr
Iodata Hdl-a Firmware<=1.26
Iodata Hdl-a
Iodata Hdl-ah Firmware<=1.26
Iodata Hdl-ah
Iodata Hdl2-a Firmware<=1.26
Iodata Hdl2-a
Iodata Hdl2-ah Firmware<=1.26
Iodata Hdl2-ah
Iodata Hdl-t Firmware<=1.12
Iodata Hdl-t
Iodata Hls-c Firmware<=1.12
Iodata Hls-c
Iodata Hvl-a Firmware<=2.04
Iodata Hvl-a
Iodata Hvl-at Firmware<=2.04
Iodata Hvl-at
Iodata Hvl-ata Firmware<=2.04
Iodata Hvl-ata
Iodata Hvl-s Firmware<=1.00
Iodata Hvl-s
Iodata Hfas1 Firmware<=1.40
Iodata Hfas1
Iodata Whg-napg Firmware<=1.08
Iodata Whg-napg
Iodata Whg-napga Firmware<=1.08
Iodata Whg-napga
Iodata Whg-napgal Firmware<=1.05
Iodata Whg-napgal
Iodata Whg-ac1750a Firmware<=3.00
Iodata Whg-ac1750a
Iodata Whg-ac1750 Firmware<=1.07
Iodata Whg-ac1750
Iodata Whg-ac1750al Firmware<=1.07
Iodata Whg-ac1750al
Iodata Wn-ax1167gr Firmware<=3.11
Iodata Wn-ax1167gr
Iodata Wn-gx300gr Firmware<=2.00
Iodata Wn-gx300gr
Iodata Wnpr2600g Firmware<=1.01
Iodata Wnpr2600g
Iodata Wnpr1750g Firmware<=1.01
Iodata Wnpr1750g
Iodata Wnpr1167g Firmware<=1.00
Iodata Wnpr1167g
Iodata Wnpr1167f Firmware<=1.00
Iodata Wnpr1167f
Iodata Wn-ag750dgr Firmware<=1.08
Iodata Wn-ag750dgr
Iodata Wn-g300r Firmware<=1.14
Iodata Wn-g300r
Iodata Wn-g300r3 Firmware<=1.04
Iodata Wn-g300r3
Iodata Wn-ag300dgr Firmware<=1.05
Iodata Wn-ag300dgr
Iodata Wn-ac1600dgr Firmware<=2.06
Iodata Wn-ac1600dgr
Iodata Wn-ac1167dgr Firmware<=1.02
Iodata Wn-ac1167dgr
Iodata Wn-g300ex Firmware<=1.01
Iodata Wn-g300ex
Iodata Wn-ac1300ex Firmware<=1.02
Iodata Wn-ac1300ex
Iodata Wn-ac583trk Firmware<=1.05
Iodata Wn-ac583trk
Iodata Wn-ac583rk Firmware<=1.06
Iodata Wn-ac583rk
Iodata Wn-g300sr Firmware<=1.00
Iodata Wn-g300sr
Iodata Bx-vp1 Firmware<=2.01
Iodata Bx-vp1
Iodata Gv-ntx1 Firmware<=1.02.00
Iodata Gv-ntx1
Iodata Gv-ntx2 Firmware<=1.02.00
Iodata Gv-ntx2

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2018-0512 vulnerability about?

    The vulnerability allows authenticated attackers to execute arbitrary OS commands via unspecified vectors in devices using MagicalFinder provided by I-O DATA DEVICE, INC.

  • What is the severity level of CVE-2018-0512?

    The severity level of CVE-2018-0512 is rated as high with a CVSS score of 6.8.

  • How can I fix the CVE-2018-0512 vulnerability?

    To fix the CVE-2018-0512 vulnerability, it is recommended to apply the security patches provided by I-O DATA DEVICE, INC.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203