CVE-2018-0661

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.

CONFIRM: http://www.iodata.jp/support/information/2018/ts-wrlp/
JVN: http://jvn.jp/en/jp/JVN83701666/index.html
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0661

8 years
231 countries
199k users
1303k calculations
Logo sectech.co.nz
Logo www.a1securitycameras.com
Logo www.elsec.cz
Logo www.systemy-stech.cz
Logo www.kelcom.cz
Logo www.power-shop.gr