Search criteria
2 vulnerabilities by KING JIM CO.,LTD.
CVE-2022-0184 (GCVE-0-2022-0184)
Vulnerability from cvelistv5 – Published: 2022-01-17 09:10 – Updated: 2024-08-02 23:18
VLAI?
Summary
Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode.
Severity ?
No CVSS data available.
CWE
- Insufficiently protected credentials
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| KING JIM CO.,LTD. | TEPRA PRO |
Affected:
'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kingjim.co.jp/download/security/#sr01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN81479705/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TEPRA PRO",
"vendor": "KING JIM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "\u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficiently protected credentials vulnerability in \u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficiently protected credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-17T09:10:32",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kingjim.co.jp/download/security/#sr01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN81479705/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-0184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TEPRA PRO",
"version": {
"version_data": [
{
"version_value": "\u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier"
}
]
}
}
]
},
"vendor_name": "KING JIM CO.,LTD."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficiently protected credentials vulnerability in \u0027TEPRA\u0027 PRO SR5900P Ver.1.080 and earlier and \u0027TEPRA\u0027 PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficiently protected credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kingjim.co.jp/download/security/#sr01",
"refsource": "MISC",
"url": "https://www.kingjim.co.jp/download/security/#sr01"
},
{
"name": "https://jvn.jp/en/jp/JVN81479705/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN81479705/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-0184",
"datePublished": "2022-01-17T09:10:32",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-02T23:18:42.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0183 (GCVE-0-2022-0183)
Vulnerability from cvelistv5 – Published: 2022-01-17 09:10 – Updated: 2024-08-02 23:18
VLAI?
Summary
Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords.
Severity ?
No CVSS data available.
CWE
- Missing encryption of sensitive data
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| KING JIM CO.,LTD. | MIRUPASS |
Affected:
'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kingjim.co.jp/download/security/#mirupass"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN19826500/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MIRUPASS",
"vendor": "KING JIM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "\u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing encryption of sensitive data vulnerability in \u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing encryption of sensitive data",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-17T09:10:30",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kingjim.co.jp/download/security/#mirupass"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN19826500/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-0183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MIRUPASS",
"version": {
"version_data": [
{
"version_value": "\u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions"
}
]
}
}
]
},
"vendor_name": "KING JIM CO.,LTD."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Missing encryption of sensitive data vulnerability in \u0027MIRUPASS\u0027 PW10 firmware all versions and \u0027MIRUPASS\u0027 PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing encryption of sensitive data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kingjim.co.jp/download/security/#mirupass",
"refsource": "MISC",
"url": "https://www.kingjim.co.jp/download/security/#mirupass"
},
{
"name": "https://jvn.jp/en/jp/JVN19826500/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN19826500/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-0183",
"datePublished": "2022-01-17T09:10:31",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-02T23:18:42.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}