Vulnerability Description
WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.
CVSS Score
8.0
HIGH
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Iodata | Wn-G300R3 Firmware | <= 1.0.2 |
| Iodata | Wn-G300R3 | - |
Related Weaknesses (CWE)
References
- http://www.iodata.jp/support/information/2017/wn-g300r3_2/Vendor Advisory
- https://jvn.jp/en/jp/JVN51410509/index.htmlThird Party AdvisoryVDB Entry
- http://www.iodata.jp/support/information/2017/wn-g300r3_2/Vendor Advisory
- https://jvn.jp/en/jp/JVN51410509/index.htmlThird Party AdvisoryVDB Entry
FAQ
What is CVE-2017-2283?
CVE-2017-2283 is a vulnerability with a CVSS score of 8.0 (HIGH). WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.
How severe is CVE-2017-2283?
CVE-2017-2283 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-2283?
Check the references section above for vendor advisories and patch information. Affected products include: Iodata Wn-G300R3 Firmware, Iodata Wn-G300R3.