[Japanese]

JVNDB-2012-000059

SEIL series fail to restrict access permissions

Overview

SEIL series contain an issue where access permissions are not restricted.

SEIL series are wireless LAN routers. SEIL series contain an issue where access permissions are not restricted.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


Internet Initiative Japan Inc.
  • SEIL/B1 firmware 2.30 to 3.75
  • SEIL/X1 firmware 2.30 to 3.75
  • SEIL/X2 firmware 2.30 to 3.75
  • SEIL/x86 firmware 1.00 to 2.35

Impact

An attacker that can access the product's HTTP proxy may bypass restrictions such as the URL filter.
Solution

[Update the Software]
Update to the latest version of the firmware provided by the developer.
Vendor Information

Internet Initiative Japan Inc.
CWE (What is CWE?)

  1. Permissions(CWE-264) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2012-2632
References

  1. JVN : JVN#24646833
  2. National Vulnerability Database (NVD) : CVE-2012-2632
Revision History

  • [2012/06/06]
      Web page was published

Date Public2012/06/06
Date First Published2012/06/06
Date Last Updated2012/06/06