Vulnerabilidades en KDDI CORPORATION
20 resultadosCVE-2017-2289—Untrusted search path vulnerability in Installer of Qua station connection tool for Windows version 1.00.03 allows an attacker to gain priviEPSS 1.2%CVE-2017-2184—Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI.EPSS 1.1%CVE-2017-2186—HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.EPSS 1.0%CVE-2022-33948—HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacenEPSS 1.0%CVE-2018-0517—Untrusted search path vulnerability in Anshin net security for Windows Version 16.0.1.44 and earlier allows an attacker to gain privileges vEPSS 0.9%CVE-2017-2185—HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI.EPSS 0.9%CVE-2017-2183—HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings.EPSS 0.8%CVE-2025-27718HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file upload process of the USB storage fiEPSS 0.8%CVE-2024-21780HIGHStack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in aEPSS 0.7%CVE-2024-23978CRITICALHeap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be exeEPSS 0.7%CVE-2024-28041HIGHHGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary command.EPSS 0.6%CVE-2025-27716MEDIUMImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file/folder listing process of the USB stEPSS 0.6%CVE-2025-27932HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file deletion process of the USB storage EPSS 0.5%CVE-2024-29071HIGHHGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may change thEPSS 0.4%CVE-2024-21865MEDIUMHGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may connect tEPSS 0.4%CVE-2025-27726LOWImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file download process of the USB storage EPSS 0.2%CVE-2025-27567MEDIUMCross-site scripting vulnerability exists in the NickName registration screen of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerabiEPSS 0.2%CVE-2025-27574LOWCross-site scripting vulnerability exists in the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnEPSS 0.2%CVE-2025-60022LOWImproper certificate validation vulnerability exists in 'デジラアプリ' App for iOS prior to ver.80.10.00. If this vulnerability is exploited, a maEPSS 0.1%CVE-2026-41281MEDIUMAndroid App "あんしんフィルター for au" provided by KDDI CORPORATION contains Cleartext Transmission of Sensitive Information (CWE-319) vulnerabilityEPSS 0.1%