ID

VAR-201901-0795


CVE

CVE-2018-16197


TITLE

TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A Access Control Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2019-17156 // CNNVD: CNNVD-201812-807

DESCRIPTION

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, and Toshiba Home gateway HEM-GW26A 1.2.9 and earlier, allow an attacker on the same network segment to bypass access restrictions and access the information and files stored on the affected device.

Home gateway provided by Toshiba Lighting & Technology Corporation contains multiple vulnerabilities listed below.

* Improper access control (CWE-284) - CVE-2018-16197
* Hidden functionality (CWE-912) - CVE-2018-16198
* Cross-site scripting (CWE-79) - CVE-2018-16199
* OS command injection (CWE-78) - CVE-2018-16200
* Hard-coded credentials (CWE-798) - CVE-2018-16201

The following researchers reported the vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

* CVE-2018-16197: Toshitsugu Yoneyama, Yutaka Kokubu, and Daiki Ichinose of Mitsui Bussan Secure Directions, Inc.
* CVE-2018-16198, CVE-2018-16199: Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc.
* CVE-2018-16200, CVE-2018-16201: Yutaka Kokubu of Mitsui Bussan Secure Directions, Inc.

* The information and files stored on the affected device may be accessed. - CVE-2018-16197, CVE-2018-16201
* The affected device may be operated by an attacker. - CVE-2018-16198, CVE-2018-16201
* An arbitrary script may be executed on the user's web browser. - CVE-2018-16199
* An arbitrary OS command may be executed on the affected device. - CVE-2018-16200, CVE-2018-16201

An access control error vulnerability exists in TOSHIBA Home Gateway HEM-GW26A 1.2.9 and earlier and TOSHIBA Home Gateway 1.2.9 and earlier.

Trust: 2.25

sources: NVD: CVE-2018-16197 // JVNDB: JVNDB-2018-000132 // CNVD: CNVD-2019-17156 // VULHUB: VHN-126532

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-17156

AFFECTED PRODUCTS

vendor: toshiba, model: hem-gw26a, scope: lte, version: 1.2.9

Trust: 1.0

vendor: toshiba, model: hem-gw16a, scope: lte, version: 1.2.9

Trust: 1.0

vendor: toshiba lighting, model: home gateway hem-gw16a, scope: lte, version: 1.2.9

Trust: 0.8

vendor: toshiba lighting, model: home gateway hem-gw26a, scope: lte, version: 1.2.9

Trust: 0.8

vendor: toshiba, model: home gateway hem-gw26a, scope: lte, version: <=1.2.9

Trust: 0.6

vendor: toshiba, model: home gateway, scope: lte, version: <=1.2.9

Trust: 0.6

sources: CNVD: CNVD-2019-17156 // JVNDB: JVNDB-2018-000132 // NVD: CVE-2018-16197

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA: JVNDB-2018-000132
value: HIGH

Trust: 2.4

IPA: JVNDB-2018-000132
value: MEDIUM

Trust: 1.6

nvd@nist.gov: CVE-2018-16197
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2019-17156
value: LOW

Trust: 0.6

CNNVD: CNNVD-201812-807
value: MEDIUM

Trust: 0.6

VULHUB: VHN-126532
value: LOW

Trust: 0.1

IPA: JVNDB-2018-000132
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.4

nvd@nist.gov: CVE-2018-16197
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2018-000132
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2018-000132
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2019-17156
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-126532
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

IPA: JVNDB-2018-000132
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 2.4

nvd@nist.gov: CVE-2018-16197
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.0

IPA: JVNDB-2018-000132
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2018-000132
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-17156 // VULHUB: VHN-126532 // JVNDB: JVNDB-2018-000132 // JVNDB: JVNDB-2018-000132 // JVNDB: JVNDB-2018-000132 // JVNDB: JVNDB-2018-000132 // JVNDB: JVNDB-2018-000132 // CNNVD: CNNVD-201812-807 // NVD: CVE-2018-16197

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-78

Trust: 0.8

problemtype:CWE-Other

Trust: 0.8

problemtype:CWE-79

Trust: 0.8

problemtype:CWE-255

Trust: 0.8

problemtype:CWE-264

Trust: 0.8

problemtype:CWE-284

Trust: 0.1

sources: VULHUB: VHN-126532 // JVNDB: JVNDB-2018-000132 // NVD: CVE-2018-16197

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201812-807

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201812-807

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-000132

PATCH

title: Toshiba Lighting & Technology Corporation website
url: http://www.tlt.co.jp/tlt/information/seihin/notice/defect/20181219/20181219.htm

Trust: 0.8

title: TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A Access Control Error Vulnerability Patch
url: https://www.cnvd.org.cn/patchInfo/show/163449

Trust: 0.6

title: TOSHIBA Home Gateway HEM-GW26A and TOSHIBA Home Gateway HEM-GW16A Fixes for access control error vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88003

Trust: 0.6

sources: CNVD: CNVD-2019-17156 // JVNDB: JVNDB-2018-000132 // CNNVD: CNNVD-201812-807

EXTERNAL IDS

db: NVD, id: CVE-2018-16197

Trust: 3.1

db: JVN, id: JVN99810718

Trust: 2.5

db: JVNDB, id: JVNDB-2018-000132

Trust: 1.4

db: CNNVD, id: CNNVD-201812-807

Trust: 0.7

db: CNVD, id: CNVD-2019-17156

Trust: 0.6

db: VULHUB, id: VHN-126532

Trust: 0.1

sources: CNVD: CNVD-2019-17156 // VULHUB: VHN-126532 // JVNDB: JVNDB-2018-000132 // CNNVD: CNNVD-201812-807 // NVD: CVE-2018-16197

REFERENCES

url:https://jvn.jp/en/jp/jvn99810718/index.html

Trust: 2.5

url:http://www.tlt.co.jp/tlt/information/seihin/notice/defect/20181219/20181219.htm

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16201

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16197

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16198

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16199

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16200

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-16197

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-16198

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-16199

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-16200

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-16201

Trust: 0.8

url:https://jvndb.jvn.jp/en/contents/2018/jvndb-2018-000132.html

Trust: 0.6

sources: CNVD: CNVD-2019-17156 // VULHUB: VHN-126532 // JVNDB: JVNDB-2018-000132 // CNNVD: CNNVD-201812-807 // NVD: CVE-2018-16197

SOURCES

db: CNVD, id: CNVD-2019-17156
db: VULHUB, id: VHN-126532
db: JVNDB, id: JVNDB-2018-000132
db: CNNVD, id: CNNVD-201812-807
db: NVD, id: CVE-2018-16197

LAST UPDATE DATE

2024-11-23T22:17:09.227000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2019-17156, date: 2019-06-13T00:00:00
db: VULHUB, id: VHN-126532, date: 2019-10-03T00:00:00
db: JVNDB, id: JVNDB-2018-000132, date: 2019-08-28T00:00:00
db: CNNVD, id: CNNVD-201812-807, date: 2019-10-23T00:00:00
db: NVD, id: CVE-2018-16197, date: 2024-11-21T03:52:16.390

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2019-17156, date: 2019-06-13T00:00:00
db: VULHUB, id: VHN-126532, date: 2019-01-09T00:00:00
db: JVNDB, id: JVNDB-2018-000132, date: 2018-12-19T00:00:00
db: CNNVD, id: CNNVD-201812-807, date: 2018-12-20T00:00:00
db: NVD, id: CVE-2018-16197, date: 2019-01-09T23:29:04.623