All the vulnerabilites related to KDDI CORPORATION - HOME SPOT CUBE2
cve-2022-33948
Vulnerability from cvelistv5
Published
2022-07-04 01:50
Modified
2024-08-03 08:16
Severity ?
EPSS score ?
Summary
HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the product if a malicious DHCP server is placed on the WAN side of the product.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/ | x_refsource_MISC | |
| https://jvn.jp/en/jp/JVN41017328/index.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| KDDI CORPORATION | HOME SPOT CUBE2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:15.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN41017328/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HOME SPOT CUBE2",
"vendor": "KDDI CORPORATION",
"versions": [
{
"status": "affected",
"version": "V102 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the product if a malicious DHCP server is placed on the WAN side of the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-04T01:50:49",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN41017328/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-33948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HOME SPOT CUBE2",
"version": {
"version_data": [
{
"version_value": "V102 and earlier"
}
]
}
}
]
},
"vendor_name": "KDDI CORPORATION"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the product if a malicious DHCP server is placed on the WAN side of the product."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/",
"refsource": "MISC",
"url": "https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/"
},
{
"name": "https://jvn.jp/en/jp/JVN41017328/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN41017328/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-33948",
"datePublished": "2022-07-04T01:50:49",
"dateReserved": "2022-06-20T00:00:00",
"dateUpdated": "2024-08-03T08:16:15.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-2186
Vulnerability from cvelistv5
Published
2017-07-07 13:00
Modified
2024-08-05 13:48
Severity ?
EPSS score ?
Summary
HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.au.com/information/notice_mobile/update/update-20170612-01/ | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/99282 | vdb-entry, x_refsource_BID | |
| http://jvn.jp/en/jp/JVN24348065/index.html | third-party-advisory, x_refsource_JVN |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| KDDI CORPORATION | HOME SPOT CUBE2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:03.713Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HOME SPOT CUBE2",
"vendor": "KDDI CORPORATION",
"versions": [
{
"status": "affected",
"version": "firmware V101 and earlier"
}
]
}
],
"datePublic": "2017-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HOME SPOT CUBE2",
"version": {
"version_data": [
{
"version_value": "firmware V101 and earlier"
}
]
}
}
]
},
"vendor_name": "KDDI CORPORATION"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.au.com/information/notice_mobile/update/update-20170612-01/",
"refsource": "CONFIRM",
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2186",
"datePublished": "2017-07-07T13:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:48:03.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-21780
Vulnerability from cvelistv5
Published
2024-02-02 06:38
Modified
2024-08-01 22:27
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in a denial of service (DoS) condition. Note that the affected products are no longer supported.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| KDDI CORPORATION | HOME SPOT CUBE2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21780",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-21T19:27:01.282836Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:51.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU93740658/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HOME SPOT CUBE2",
"vendor": "KDDI CORPORATION",
"versions": [
{
"status": "affected",
"version": "V102 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in a denial of service (DoS) condition. Note that the affected products are no longer supported."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stack-based buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T06:38:19.377Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/"
},
{
"url": "https://jvn.jp/en/vu/JVNVU93740658/"
}
],
"tags": [
"unsupported-when-assigned"
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-21780",
"datePublished": "2024-02-02T06:38:19.377Z",
"dateReserved": "2024-01-25T01:46:39.865Z",
"dateUpdated": "2024-08-01T22:27:36.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-2184
Vulnerability from cvelistv5
Published
2017-07-07 13:00
Modified
2024-08-05 13:48
Severity ?
EPSS score ?
Summary
Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.au.com/information/notice_mobile/update/update-20170612-01/ | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/99282 | vdb-entry, x_refsource_BID | |
| http://jvn.jp/en/jp/JVN24348065/index.html | third-party-advisory, x_refsource_JVN |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| KDDI CORPORATION | HOME SPOT CUBE2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:03.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HOME SPOT CUBE2",
"vendor": "KDDI CORPORATION",
"versions": [
{
"status": "affected",
"version": "firmware V101 and earlier"
}
]
}
],
"datePublic": "2017-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HOME SPOT CUBE2",
"version": {
"version_data": [
{
"version_value": "firmware V101 and earlier"
}
]
}
}
]
},
"vendor_name": "KDDI CORPORATION"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.au.com/information/notice_mobile/update/update-20170612-01/",
"refsource": "CONFIRM",
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2184",
"datePublished": "2017-07-07T13:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:48:03.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-2185
Vulnerability from cvelistv5
Published
2017-07-07 13:00
Modified
2024-08-05 13:48
Severity ?
EPSS score ?
Summary
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.au.com/information/notice_mobile/update/update-20170612-01/ | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/99282 | vdb-entry, x_refsource_BID | |
| http://jvn.jp/en/jp/JVN24348065/index.html | third-party-advisory, x_refsource_JVN |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| KDDI CORPORATION | HOME SPOT CUBE2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:03.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HOME SPOT CUBE2",
"vendor": "KDDI CORPORATION",
"versions": [
{
"status": "affected",
"version": "firmware V101 and earlier"
}
]
}
],
"datePublic": "2017-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HOME SPOT CUBE2",
"version": {
"version_data": [
{
"version_value": "firmware V101 and earlier"
}
]
}
}
]
},
"vendor_name": "KDDI CORPORATION"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.au.com/information/notice_mobile/update/update-20170612-01/",
"refsource": "CONFIRM",
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2185",
"datePublished": "2017-07-07T13:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:48:03.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-2183
Vulnerability from cvelistv5
Published
2017-07-07 13:00
Modified
2024-08-05 13:48
Severity ?
EPSS score ?
Summary
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.au.com/information/notice_mobile/update/update-20170612-01/ | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/99282 | vdb-entry, x_refsource_BID | |
| http://jvn.jp/en/jp/JVN24348065/index.html | third-party-advisory, x_refsource_JVN |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| KDDI CORPORATION | HOME SPOT CUBE2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:03.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HOME SPOT CUBE2",
"vendor": "KDDI CORPORATION",
"versions": [
{
"status": "affected",
"version": "firmware V101 and earlier"
}
]
}
],
"datePublic": "2017-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HOME SPOT CUBE2",
"version": {
"version_data": [
{
"version_value": "firmware V101 and earlier"
}
]
}
}
]
},
"vendor_name": "KDDI CORPORATION"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.au.com/information/notice_mobile/update/update-20170612-01/",
"refsource": "CONFIRM",
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"name": "99282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99282"
},
{
"name": "JVN#24348065",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN24348065/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2183",
"datePublished": "2017-07-07T13:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:48:03.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-23978
Vulnerability from cvelistv5
Published
2024-02-02 06:38
Modified
2024-08-01 23:13
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| KDDI CORPORATION | HOME SPOT CUBE2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:13:08.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU93740658/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HOME SPOT CUBE2",
"vendor": "KDDI CORPORATION",
"versions": [
{
"status": "affected",
"version": "V102 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T06:38:33.253Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/"
},
{
"url": "https://jvn.jp/en/vu/JVNVU93740658/"
}
],
"tags": [
"unsupported-when-assigned"
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-23978",
"datePublished": "2024-02-02T06:38:33.253Z",
"dateReserved": "2024-01-25T01:46:40.762Z",
"dateUpdated": "2024-08-01T23:13:08.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}