CVE-2018-0661

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.

CONFIRM: http://www.iodata.jp/support/information/2018/ts-wrlp/
JVN: http://jvn.jp/en/jp/JVN83701666/index.html
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0661

14 years
257 countries
690k users
4559k calculations
Logo www.power-shop.gr
Logo www.use-ip.co.uk
Logo cities-today.com
Logo www.elsec.cz
Logo ipcamtalk.com
Logo sectech.co.nz