Access Control Bypass in WG-C10 by Sony
CVE-2017-2277

9.1CRITICAL

Key Information:

Vendor: Sony Corporation
Status: Wg-c10
Vendor: CVE Published:; 22 July 2017

🔔 Create Sony Corporation Vulnerability Alert

What is CVE-2017-2277?

The WG-C10 versions up to 3.0.79 are susceptible to an access control bypass vulnerability, allowing attackers to exploit the system. This flaw may enable unauthorized access or modifications to data stored in external storage devices connected to the WG-C10 product. Attackers may leverage unspecified vectors to gain unauthorized insights or alter critical information, highlighting the importance of applying necessary updates and monitoring for potential security threats.

Affected Version(s)

WG-C10 v3.0.79 and earlier

References

https://jvn.jp/en/jp/JVN77412145/index.html

third-party-advisoryx_refsource_JVN

https://esupport.sony.com/US/p/news-item.pl?news_id=527&m...

x_refsource_MISC

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2017
Vulnerability Reserved
Dec 1, 2016