CVE-2018-9079: Iomega and LenovoEMC NAS Web UI Vulnerabilities

First published: Fri Sep 28 2018(Updated: )

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, adversaries can craft URLs to modify the Document Object Model (DOM) of the page. In addition, adversaries can inject HTML script tags and HTML tags with JavaScript handlers to execute arbitrary JavaScript with the origin of the device.

Credit: psirt@lenovo.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/type
• agent/softwarecombine
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/weakness
• agent/title
• agent/severity
• agent/author
• agent/references
• agent/tags
• agent/description
• agent/first-publish-date
• agent/event
• vendor/lenovo
• canonical/lenovo storcenter px12-450r firmware
• version/lenovo storcenter px12-450r firmware/4.1.402.34662
• canonical/lenovo storcenter px12-450r
• canonical/lenovo storcenter px12-400r firmware
• version/lenovo storcenter px12-400r firmware/4.1.402.34662
• canonical/lenovo storcenter px12-400r
• canonical/lenovo storcenter px4-300r firmware
• version/lenovo storcenter px4-300r firmware/4.1.402.34662
• canonical/lenovo storcenter px4-300r
• canonical/lenovo storcenter px6-300d firmware
• version/lenovo storcenter px6-300d firmware/4.1.402.34662
• canonical/lenovo storcenter px6-300d
• canonical/lenovo storcenter px4-300d firmware
• version/lenovo storcenter px4-300d firmware/4.1.402.34662
• canonical/lenovo storcenter px4-300d
• canonical/lenovo storcenter px2-300d firmware
• version/lenovo storcenter px2-300d firmware/4.1.402.34662
• canonical/lenovo storcenter px2-300d
• canonical/lenovo storcenter ix4-300d firmware
• version/lenovo storcenter ix4-300d firmware/4.1.402.34662
• canonical/lenovo storcenter ix4-300d
• canonical/lenovo storcenter ix2 firmware
• version/lenovo storcenter ix2 firmware/4.1.402.34662
• canonical/lenovo storcenter ix2
• canonical/lenovo storcenter ix2-dl firmware
• version/lenovo storcenter ix2-dl firmware/4.1.402.34662
• canonical/lenovo storcenter ix2-dl
• canonical/lenovo ez media \& backup center firmware
• version/lenovo ez media \& backup center firmware/4.1.402.34662
• canonical/lenovo ez media \& backup center
• canonical/lenovo px12-450r firmware
• version/lenovo px12-450r firmware/4.1.402.34662
• canonical/lenovo px12-450r
• canonical/lenovo px12-400r firmware
• version/lenovo px12-400r firmware/4.1.402.34662
• canonical/lenovo px12-400r
• canonical/lenovo px4-400r firmware
• version/lenovo px4-400r firmware/4.1.402.34662
• canonical/lenovo px4-400r
• canonical/lenovo px4-300r firmware
• version/lenovo px4-300r firmware/4.1.402.34662
• canonical/lenovo px4-300r
• canonical/lenovo px6-300d firmware
• version/lenovo px6-300d firmware/4.1.402.34662
• canonical/lenovo px6-300d
• canonical/lenovo px4-400d firmware
• version/lenovo px4-400d firmware/4.1.402.34662
• canonical/lenovo px4-400d
• canonical/lenovo px4-300d firmware
• version/lenovo px4-300d firmware/4.1.402.34662
• canonical/lenovo px4-300d
• canonical/lenovo px2-300d firmware
• version/lenovo px2-300d firmware/4.1.402.34662
• canonical/lenovo px2-300d
• canonical/lenovo ix4-300d firmware
• version/lenovo ix4-300d firmware/4.1.402.34662
• canonical/lenovo ix4-300d
• canonical/lenovo ix2 firmware
• version/lenovo ix2 firmware/4.1.402.34662
• canonical/lenovo ix2