CVE Tools

kddi

ICS / OT / IoTJPcommercial

11

Cumulative CVEs

3

Monthly snapshots

#24

Peak rank

Top products

home spot cube 2 firmware4

Latest CVEs

The 15 most recently published vulnerabilities affecting kddi.

CVE-2024-23978Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supp...9.8Feb 2, 2024
CVE-2024-21780Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in a denial of service (DoS) condition. Note that the affecte...7.5Feb 2, 2024
CVE-2022-43543KDDI +Message App, NTT DOCOMO +Message App, and SoftBank +Message App contain a vulnerability caused by improper handling of Unicode control characters. +Message App displays text unprocessed, even...5.4Dec 21, 2022
CVE-2022-33948HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the pro...8.8Jul 4, 2022
CVE-2019-6005Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary so...9.8Sep 12, 2019
CVE-2018-0691Multiple +Message Apps (Softbank +Message App for Android prior to version 10.1.7, Softbank +Message App for iOS prior to version 1.1.23, NTT DOCOMO +Message App for Android prior to version 42.40....5.9Nov 15, 2018
CVE-2018-0517Untrusted search path vulnerability in Anshin net security for Windows Version 16.0.1.44 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.7.8Feb 8, 2018
CVE-2017-2289Untrusted search path vulnerability in Installer of Qua station connection tool for Windows version 1.00.03 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.7.8Aug 18, 2017
CVE-2017-2186HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.8.8Jul 7, 2017
CVE-2017-2185HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI.8.8Jul 7, 2017
CVE-2017-2184Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI.8.8Jul 7, 2017
CVE-2017-2183HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings.8.0Jul 7, 2017
CVE-2016-1141KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.4.7Jan 30, 2016
CVE-2016-1140KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors.6.1Jan 30, 2016
CVE-2016-1139Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.7.5Jan 30, 2016