Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kddi vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2017-2183
HOME SPOT CUBE2 firmware V101 and previous versions allows authenticated malicious users to execute arbitrary OS commands via Clock Settings.
Kddi Home Spot Cube 2 Firmware V101
Kddi Home Spot Cube 2 Firmware V100
8.8
CVSSv3
CVE-2017-2184
Buffer overflow in HOME SPOT CUBE2 firmware V101 and previous versions allows an malicious user to execute arbitrary code via WebUI.
Kddi Home Spot Cube 2 Firmware V100
Kddi Home Spot Cube 2 Firmware V101
8.8
CVSSv3
CVE-2017-2185
HOME SPOT CUBE2 firmware V101 and previous versions allows authenticated malicious users to execute arbitrary OS commands via WebUI.
Kddi Home Spot Cube 2 Firmware V100
Kddi Home Spot Cube 2 Firmware V101
8.8
CVSSv3
CVE-2017-2186
HOME SPOT CUBE2 firmware V101 and previous versions allows an malicious user to bypass authentication to load malicious firmware via WebUI.
Kddi Home Spot Cube 2 Firmware V101
Kddi Home Spot Cube 2 Firmware V100
9.8
CVSSv3
CVE-2019-6005
Smart TV Box firmware version before 1300 allows remote malicious users to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/...
Kddi Smart Tv Box Firmware
8.8
CVSSv3
CVE-2022-33948
HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the product if a malicious DHCP server is placed on the WAN side of the product.
Kddi Home Spot Cube 2 Firmware
7.8
CVSSv3
CVE-2017-2289
Untrusted search path vulnerability in Installer of Qua station connection tool for Windows version 1.00.03 allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Kddi Qua Station Firmware 1.00.03
5.4
CVSSv3
CVE-2016-1136
Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices prior to 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Kddi Home Spot Cube Firmware 2.0
7.4
CVSSv3
CVE-2016-1137
Open redirect vulnerability on KDDI HOME SPOT CUBE devices prior to 2 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Kddi Home Spot Cube Firmware 2.0
7.5
CVSSv3
CVE-2016-1139
Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices prior to 2 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Kddi Home Spot Cube Firmware 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »