HTTP Header Injection Vulnerability in TS-WPTCAM and Related Firmware by IoData
CVE-2017-2111

6.1MEDIUM

Key Information:

Vendor

I-o Data Device, Inc.

Status
Ts-WPtcam
Ts-WPtcam2
Ts-wlce
Ts-wlc2
Vendor
CVE Published:
28 April 2017

What is CVE-2017-2111?

A vulnerability in IoData's firmware products allows remote attackers to exploit HTTP header injection. This flaw may enable attackers to inject malicious HTTP headers, leading to the display of false information to users. Affected products include multiple TS-WPTCAM and related firmware versions. It is crucial for users to upgrade to the latest firmware versions to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TS-PTCAM/POE firmware version 1.18 and earlier

TS-WLC2 firmware version 1.18 and earlier

TS-WLCE firmware version 1.18 and earlier

References

http://jvn.jp/en/jp/JVN46830433/index.html
third-party-advisoryx_refsource_JVN
http://www.securityfocus.com/bid/96620
vdb-entryx_refsource_BID
http://www.iodata.jp/support/information/2017/camera201702/
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.