CVE-2018-16201 Vulnerability Details

  /     /     /  

CVE-2018-16201 Metadata Quick Info

CVE Published: 09/01/2019 | CVE Updated: 05/08/2024 | CVE Year: 2018
Source: jpcert | Vendor: Toshiba Lighting & Technology Corporation | Product: Toshiba Home gateway HEM-GW16A and Toshiba Home gateway HEM-GW26A
Status : PUBLISHED

---

CVE-2018-16201 Description

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Use of Hard-coded Credentials
Source: Toshiba Lighting & Technology Corporation

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).