JVNDB RSS Feed - New Entry

Multiple vulnerabilities in Edgecross Basic Software for Windows

2024-11-22T10:59+09:00

Edgecross Basic Software for Windows provided by Edgecross Consortium contains multiple vulnerabilities listed below. * Incorrect default permissions (CWE-276) - CVE-2024-4229 * External control of file name or path (CWE-73) - CVE-2024-4230 Edgecross Consortium reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

"Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key

2024-11-20T13:56+09:00

"Kura Sushi Official App Produced by EPARK" for Android provided by EPARK, Inc. uses a hard-coded cryptographic key (CWE-321). Nishimura Reiji of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Rakuten Turbo 5G

2024-11-19T10:41+09:00

Rakuten Turbo 5G provided by Rakuten Mobile, Inc. contains multiple vulnerabilities listed below. * Missing authentication for critical function (CWE-306) - CVE-2024-47865 * OS command injection (CWE-78) - CVE-2024-48895 * Exposure of sensitive system information to an unauthorized control sphere (CWE-497) - CVE-2024-52033 Samy Younsi of NeroTeam Security Labs reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in FitNesse

2024-11-20T11:18+09:00

FitNesse provided by unclebob contains multiple vulnerabilities listed below.

Cross-site scripting (CWE-79) - CVE-2024-39610
Path traversal (CWE-22) - CVE-2024-42499

Takeshi Kaneko of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in SoftBank Mesh Wi-Fi router RP562B

2024-11-13T14:26+09:00

Mesh Wi-Fi router RP562B provided by SoftBank Corp. contains multiple vulnerabilities listed below. * Active debug code (CWE-489) - CVE-2024-29075 * OS command injection (CWE-78) - CVE-2024-45827 * Exposure of sensitive system information to an unauthorized control sphere (CWE-497) - CVE-2024-47799 Samy Younsi of NeroTeam Security Labs reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

WordPress Plugin "VK All in One Expansion Unit" vulnerable to cross-site scripting

2024-11-13T13:50+09:00

"Custom Alert Content" of WordPress Plugin "VK All in One Expansion Unit" provided by Vektor,Inc. contains a stored cross-site scripting vulnerability (CWE-79). Umeda Yuugo of Tokyo Denki University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Trend Micro Deep Security 20 Agent for Windows vulnerable to improper access control

2024-11-06T11:00+09:00

Trend Micro Incorporated has released a security update for Deep Security 20 Agent (for Windows) to fix a improper access control vulnerability (CVE-2024-48903). Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

Incorrect authorization vulnerability in OMRON Sysmac Studio

2024-11-05T15:29+09:00

Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability (CWE-863, CVE-2024-49501). OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC coordinated with OMRON Corporation for the JVN advisory publication.

Command injection vulnerability in Trend Micro Cloud Edge

2024-11-01T14:28+09:00

Trend Micro Incorporated has released a security update for Cloud Edge to fix a command injection vulnerability (CVE-2024-48904). Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers

2024-11-01T13:49+09:00

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial (factory default) configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server (GUI) or Web authentication is enabled (CWE-684). The factory default configuration makes http-server (GUI) enabled, which means REST-APIs are also enabled. The username and the password for REST-APIs are configured in the factory default configuration. Century Systems Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Stack-based buffer overflow vulnerability in multiple Ricoh laser printers and MFPs which implement Web Image Monitor

2024-10-31T16:44+09:00

Web Image Monitor provided by Ricoh Company, Ltd. is an web server included and runs in Ricoh laser printers and MFPs (multifunction printers). Web Image Monitor contains a stack-based buffer overflow vulnerability (CWE-121) due to inappropriate parsing process of HTTP request. Zhihong Tian, Hui Lu, Guocheng Wu, and Xingchi Chen of the Cyberspace Advanced Technology Institute of Guangzhou University reported this vulnerability to Ricoh Company, Ltd. directly and coordinated. After the coordination, Ricoh Company, Ltd. reported this case to IPA under Information Security Early Warning Partnership, and JPCERT/CC coordinated with Ricoh Company, Ltd. for JVN publication.

Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials

2024-10-30T15:07+09:00

Multiple network cameras provided by Hangzhou Hikvision Digital Technology Co., Ltd. support two Dynamic DNS services, DynDNS and NO-IP.The user can select which to use on the GUI configuration page. Both the services provide their APIs accessible via HTTP and HTTPS, but old firmware versions of Hikvision devices only support HTTP.This means the credential information is transmitted in unencrypted form. As a security enhancement, the new firmware versions are provided, which change the behavior to communicate with the APIs via HTTPS only.

Multiple vulnerabilities in Sharp and Toshiba Tec MFPs

2024-10-28T17:33+09:00

MFPs (multifunction printers) provided by Sharp and Toshiba Tec Corporation contain multiple vulnerabilites listed below.

Out-of-bounds Read (CWE-125)
- CVE-2024-42420
- Out-of-bounds read vulnerabilities coming from improper processing of keyword search input and improper processing of SOAP messages
Out-of-bounds Read (CWE-125)
- CVE-2024-43424
- Out-of-bounds read vulnerability coming from improper processing of HTTP request headers
Out-of-bounds Read (CWE-125)
- CVE-2024-45829
- Out-of-bounds read vulnerability in the web page providing data downloading, where query parameters in HTTP requests are improperly processed
Path traversal (CWE-22)
- CVE-2024-45842
- Improper processing of URI data in HTTP PUT requests leads to path traversal vulnerability, unintended internal files may be retrieved
Improper access restriction on some configuration related APIs (CWE-749)
- CVE-2024-47005
- Some configuration related APIs are expected to be called by administrative users only, but insufficiently restricted
Authentication Bypass Using an Alternate Path (CWE-288)
- CVE-2024-47406
- Improper processing of HTTP authentication requests may lead to authentication bypass
Improper processing of query parameters in HTTP requests (CWE-644)
- CVE-2024-47549
- Improper processing of query parameters of HTTP requests may allow contamination of unintended data to HTTP response headers
Reflected Cross-site Scripting (CWE-79)
- CVE-2024-47801
- Reflected cross-site scripting vulnerability coming from improper processing of query parameters in HTTP requests
Stored Cross-site Scripting (CWE-79)
- CVE-2024-48870
- Stored cross-site scripting vulnerability coming from improper input data validation in URI data registration

Sharp Corporation reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN.

Chatwork Desktop Application (Windows) uses a potentially dangerous function

2024-10-28T14:29+09:00

Chatwork Desktop Application (Windows) provided by kubell Co., Ltd. contains an issue with use of potentially dangerous function (CWE-676), which allows a user to access an external website via a link in the application. RyotaK of Flatt Security Inc. directly reported this vulnerability to the developer and coordinated. After the coordination was completed, the developer reported this case to IPA under Information Security Early Warning Partnership to notify the users of the solution through JVN, and JPCERT/CC coordinated with the developer for JVN advisory publication.

Multiple vulnerabilities in baserCMS

2024-10-25T15:07+09:00

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below.

Stored cross-site scripting vulnerability due to inappropriate Slug handling on Article Edit (CWE-79) - CVE-2024-46996
Stored cross-site scripting vulnerability on Edit Email Form Settings (CWE-79) - CVE-2024-46998
Reflected cross-site scripting vulnerability due to inadequate error page generation process (CWE-81) - CVE-2024-46995
Stored cross-site scripting vulnerability due to inappropriate input data handling on Article Edit and Content List (CWE-79) - CVE-2024-46994

CVE-2024-46996 Ayato Shitomi of Fore-Z co.ltd and Rikuto Tauchi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-46998 Ayato Shitomi of Fore-Z co.ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-46995 Yusuke Uchida reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-46994 Kyohei Ota of LEON TECHNOLOGY,Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple SQL injection vulnerabilities in Trend Micro Deep Discovery Inspector

2024-10-22T13:02+09:00

Trend Micro Incorporated has released a security update for Trend Micro Deep Discovery Inspector. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software

2024-11-21T11:37+09:00

AIPHONE IX SYSTEM is an IP Network Audio-Video Intercom and IXG SYSTEM is an IP-based Residential System. IX SYSTEM, IXG SYSTEM, and System Support Software contain multiple vulnerabilities listed below.

OS command injection (CWE-78) - CVE-2024-31408
Insufficiently protected credentials (CWE-522) - CVE-2024-39290
Use of hard-coded cryptographic key (CWE-321) - CVE-2024-45837
Improper access control (CWE-522) - CVE-2024-47142

Vera Mens of Claroty Research - Team82 reported these vulnerabilities to AIPHONE CO., LTD. and coordinated. After the coordination was completed, AIPHONE CO., LTD. reported this case to IPA to notify users of the solution through JVN. JPCERT/CC coordinated with the developer for the publication.

N-LINE vulnerable to HTML injection

2024-10-25T16:48+09:00

N-LINE provided by NEUMANN CO.LTD. is an online learning management system for driving schools. N-LINE processes inputs with insufficient check (CWE-94), and malicious inputs from an student's device may badly impact the instructor's screen. Ayato Shitomi of Fore-Z co.ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

MUSASI version 3 performing authentication on client-side

2024-10-25T16:55+09:00

MUSASI provided by NEUMANN CO.LTD. is an e-learning system for driving schools. MUSASI version 3 performs authentication within the client-side code (CWE-603), and the client in pre-authentication state retrieves the credential information from the server just when a user ID is input. This behavior may be exploited to fetch other users' credential information.

SHIRASAGI vulnerable to path traversal

2024-10-23T17:35+09:00

SHIRASAGI provided by SHIRASAGI Project processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability (CWE-22). Shogo Kumamaru of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Exment

2024-10-11T14:13+09:00

Exment provided by Kajitori Co.,Ltd contains multiple vulnerabilities listed below.

Incorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-46897
Stored Cross-site Scripting (CWE-79) - CVE-2024-47793

CVE-2024-46897 masataka sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-47793 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

baserCMS plugin "BurgerEditor" vulnerable to directory listing

2024-11-06T14:45+09:00

baserCMS plugin "BurgerEditor" provided by D-ZERO CO.,LTD. contains a directory listing vulnerability (CWE-548, CVE-2024-44807). If accessing a URL of the web site using the plugin that has a specific string added to the end, a list of uploaded files may be obtained. In addition, the uploaded file itself may be obtained through the list information. Koh You Liang of SOMPO Holdings and Orel Gispan of Sompo Digital Lab Tel Aviv reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software

2024-10-03T13:42+09:00

Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. * Out-of-bounds write (CWE-787) - CVE-2024-47134 * Stack-based buffer overflow (CWE-121) - CVE-2024-47135 * Out-of-bounds read (CWE-125) - CVE-2024-47136 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Apache Tomcat improper handling of TLS handshake process data

2024-10-01T17:51+09:00

Apache Tomcat provided by The Apache Software Foundation improperly handles TLS handshake process data, which may lead to a denial-of-service (DoS) condition (CWE-770, CVE-2024-38286). The reporter, Ozaki of North Grid Corporation, reported this issue directly to and coordinated with the developer. After the coordination, the reporter also reported the case to IPA, and JPCERT/CC coordinated with the developer to publish the advisory on JVN.

Vulnerability in Cosminexus

2024-10-01T16:01+09:00

Vulnerability has been found in Cosminexus.

Insecure initial password configuration issue in SEIKO EPSON Web Config

2024-11-12T10:25+09:00

Web Config is software that allows users to check the status and change the settings of SEIKO EPSON products, e.g., printers and scanners, via a web browser. In the initial setting no administrative password is set, and when a user connects the device and configures Web Config settings for the first time, the user is requested to set the password. Therefore, when a product is connected to network without the Web Config settings configured, arbitrary password may be set and the device may be operated with an administrative privilege by an attacker (CWE-1188). George Puckett reported this vulnerability to CERT/CC. Requested by CERT/CC, JPCERT/CC coordinated with the developer.

RevoWorks Cloud vulnerable to unintended process execution

2024-09-30T15:17+09:00

RevoWorks Cloud provided by J's Communication Co., Ltd. is software to build a sandbox environment isolated from a client's local environment. In the sandbox environment, the product provides the function enabling execution of web browsers and detection and blocking of unauthorized processes. However, a defect in this function was found which fails to detect unauthorized processes (CWE-863). J's Communication Co., Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and J's Communication Co., Ltd. coordinated under the Information Security Early Warning Partnership.

File Permissions Vulnerability in Hitachi Ops Center Common Services

2024-09-30T14:15+09:00

File permissions vulnerability exists in Hitachi Ops Center Common Services. * CVE-2024-2819: File permission vulnerability in Hitachi Ops Center Common Services (Display new window)

Multiple vulnerabilities in Smart-tab

2024-09-30T14:14+09:00

Smart-tab provided by TECHNO SUPPORT COMPANY is a multi-functional guest room tablet system for hotels and other accommodation facilities. Smart-tab contains multiple vulnerabilities listed below. * Active debug code (CWE-489) - CVE-2024-41999 * Plaintext storage of a password (CWE-256) - CVE-2024-42496 Shuto Imai of LAC Co., Ltd. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

SNMP service is enabled by default in Sharp NEC Display Solutions projectors

2024-09-30T12:46+09:00

Multiple projectors provided by Sharp NEC Display Solutions, Ltd. are configured with SNMP service enabled by default, therefore can be accessed by specifying SNMP community name "public" (CWE-1242 ,CVE-2024-7011). SNMP service configuration (enable/disable) cannot be changed on the management page of the projectors either. This vulnerability was directly reported to Sharp NEC Display Solutions, Ltd. by the reporter. Sharp NEC Display Solutions, Ltd. reported the case to JPCERT/CC to notify users of the solution through JVN. Reporter: JP Hofmeyr of Southern Metropolitan Cemeteries Trust

MF Teacher Performance Management System vulnerable to cross-site scripting

2024-10-10T11:14+09:00

MF Teacher Performance Management System provided by Media Fusion Co.,Ltd. contains a cross-site scripting vulnerability (CWE-79). Akira Sumiyoshi, Takuto Matsuhashi, Kei Watanabe, Akio Yamaguchi, Syunji Yazaki and Hideaki Tsuchiya of UEC-CSIRT, The University of Electro-Communications reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

The installer of e-Tax software(common program) vulnerable to privilege escalation

2024-09-24T16:12+09:00

The installer of e-Tax software(common program) provided by National Tax Agency contains a vulnerability which allows uploading a malicious DLL to be executed with higher privileges than that of an general user by altering registry (CWE-268). Takashi Yoshikawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple NTT EAST Home GateWay/Hikari Denwa routers fail to restrict access permissions

2024-10-18T11:02+09:00

Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION fail to restrict access permissions (CWE-451). Keishi Awata of logicalmixed reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in PLANEX COMMUNICATIONS network devices

2024-09-24T15:26+09:00

Multiple network devices (network cameras and a router) provided by PLANEX COMMUNICATIONS INC. contain multiple vulnerabilities listed below.

Cross-site request forgery (CWE-352) - CVE-2024-45372
Cross-site scripting vulnerability in the web management page (CWE-79) - CVE-2024-45836

CVE-2024-45372 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. CVE-2024-45836 Ryota Honda, Akihito Takeuchi, Daichi Uezono, Junnosuke Kushibiki, Ryu Kuki, Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in TAKENAKA ENGINEERING digital video recorders

2024-09-19T14:07+09:00

Multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. contain multiple vulnerabilities listed below.

Improper authentication (CWE-287) - CVE-2024-41929
OS command injection (CWE-78) - CVE-2024-43778
Hidden functionality (CWE-912) - CVE-2024-47001

Yoshiki Mori, Ushimaru Hayato, Yuki Umemura and Masaki Kubo of Cybersecurity Research Institute, National Institute of Information and Communications Technology reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"

2024-09-18T14:34+09:00

WordPress plugin "Welcart e-Commerce" provided by Welcart Inc. contains multiple vulnerabilities listed below.

SQL injection (CWE-89) - CVE-2024-42404
Cross-site scripting (CWE-79) - CVE-2024-45366

Shogo Kumamaru of LAC CyberLink Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Assimp vulnerable to heap-based buffer overflow

2024-09-18T14:20+09:00

PlyLoader.cpp of Assimp provided by Open Asset Import Library contains a heap-based buffer overflow vulnerability (CWE-122). Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple Alps System Integration products and the OEM products vulnerable to cross-site request forgery

2024-09-09T16:40+09:00

Multiple Alps System Integration products and the OEM products contain a cross-site request forgery vulnerability (CWE-352). Yoshiaki komeyama of KOBELCO SYSTEMS CORPORATION reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Pgpool-II vulnerable to information disclosure

2024-09-09T14:58+09:00

Pgpool-II is a cluster management tool. Pgpool-II contains an information disclosure vulnerability (CWE-213) in its query cache function. PgPool Global Development Group reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and PgPool Global Development Group coordinated under the Information Security Early Warning Partnership.

"@cosme" App fails to restrict custom URL schemes properly

2024-09-09T14:20+09:00

"@cosme" App provided by istyle Inc. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites. Pantuhong Sorasiri of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WordPress Plugin "Forminator" vulnerable to cross-site scripting

2024-09-09T13:51+09:00

WordPress Plugin "Forminator" provided by WPMU DEV assists building web forms. When accessing the page including the web form created with Forminator, some information from the URL may be embedded to the web form. This feature processes the embedded information improperly, leading to cross-site scripting vulnerability (CWE-79). Yoshimitsu Kato of Asterisk Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple products from KINGSOFT JAPAN vulnerable to path traversal

2024-09-06T15:07+09:00

KINGSOFT JAPAN, INC. provides Kingsoft Office Software's WPS Office and its related products localized for Japan.
WPS Office and its related products provided by KINGSOFT JAPAN, INC. contain a path traversal vulnerability (CWE-22, CVE-2024-7262, CVE-2024-7263)) due to inadequate file path validation by promecefpluginhost.exe.
Note that, a report has been published describing that "WPS Office provided by Kingsoft Office Software is affected to this vulnerability and exploitation is observed".
KINGSOFT JAPAN, INC. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and KINGSOFT JAPAN, INC. coordinated under the Information Security Early Warning Partnership.

Secure Boot bypass Vulnerability in PRIMERGY

2024-09-06T14:39+09:00

PRIMERGY is an IA server provided by Fsas Technologies Inc. PRIMERGY contains a vulnerability where Secure Boot function is bypassed. This is due to a vulnerability called "PKFail" (CVE-2024-8105), which was publicly disclosed by Binarly. Fsas Technologies Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Fsas Technologies Inc. coordinated under the Information Security Early Warning Partnership.

WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting

2024-09-04T13:01+09:00

The field labels in WordPress Plugin "Advanced Custom Fields" provided by WP Engine contains a cross-site scripting vulnerability (CWE-79). Ryo Sotoyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Panasonic Control FPWIN Pro7 vulnerable to stack-based buffer overflow

2024-09-02T14:57+09:00

Control FPWIN Pro7 provided by Panasonic contains a stack-based buffer overflow vulnerability (CWE-121, CVE-2024-7013). Michael Heinzl reported this vulnerability to the developer and coordinated. After the coordination was completed, Panasonic reported the case to JPCERT/CC to notify users of the solutions through JVN.

IPCOM vulnerable to information disclosure

2024-08-30T14:56+09:00

SSL Accelerator/SSL-VPN Function of IPCOM provided by Fsas Technologies Inc. contains an information disclosure vulnerability due to observable timing discrepancy (CWE-208). Fsas Technologies Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Fsas Technologies Inc. coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in WordPress plugin "Carousel Slider"

2024-08-30T13:58+09:00

WordPress plugin "Carousel Slider" provided by Sayful Islam contains 2 CSRF vulnerabilities listed below. * Cross-site request forgery on Carousel image selection feature (CWE-352) - CVE-2024-45269 * Cross-site request forgery on Hero image selection feature (CWE-352) - CVE-2024-45270 RyotaK of Flatt Security Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WindLDR and WindO/I-NV4 store sensitive information in cleartext

2024-09-24T17:14+09:00

PLC programming software "WindLDR" and Operator Interfaces' Touchscreen Programming Software "WindO/I-NV4" provided by IDEC Corporation store sensitive information in cleartext form (CWE-312). Yuki Meguro of Toinx Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

xfpt vulnerable to stack-based buffer overflow

2024-08-29T14:07+09:00

xfpt fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability (CWE-121). Yuhei Kawakoya of NTT Security Holdings Corporation reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in ELECOM wireless LAN routers and access points

2024-08-27T14:40+09:00

Multiple wireless LAN routers and access points provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. * Cross-site scripting vulnerability due to an improper processing of input values in easysetup.cgi and menu.cgi (CWE-79) - CVE-2024-34577, CVE-2024-42412 * Missing authentication in Telnet function (CWE-306) - CVE-2024-39300 * Stack-based buffer overflow due to an improper processing of input values in common.cgi (CWE-121) - CVE-2024-43689 CVE-2024-34577 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-39300 SASABE Tetsuro reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-42412, CVE-2024-43689 RyotaK of Flatt Security Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Authentication Bypass Vulnerability in Hitachi Ops Center Common Services

2024-08-27T12:01+09:00

Authentication bypass vulnerability exists in Hitachi Ops Center Common Services.

Unquoted Service Path in Hitachi Device Manager

2024-08-26T16:27+09:00

Hitachi Device Manager contain the following vulnerabilities: CVE-2024-5963: An unquoted executable path exists in Hitachi Device Manager (Display new window)

BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection

2024-08-23T14:17+09:00

Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability (CWE-78). Yoshiki Mori and Masaki Kubo of National Institute of Information and Communications Technology, Cybersecurity Research Laboratory reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple Safie products vulnerable to improper server certificate verification

2024-08-29T12:23+09:00

Multiple Safie products are vulnerable to improper server certificate verification (CWE-295). The product can be operated via port 11029/TCP and Bluetooth, and its communications are AES encrypted. The product user can obtain the encryption key from the cloud server based on the device-specific information. The user who has obtained the device-specific information can directly operate the device (even if it is not owned by the user). Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Installer of Trend Micro Security 2020 (Consumer) may insecurely load Dynamic Link Libraries

2024-08-22T11:33+09:00

Installers of Trend Micro Security 2020 (Consumer) family may insecurely load Dynamic Link Libraries. Multiple products provided by Trend Micro Incorporated contain the DLL search path issue, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Packetbeat vulnerable to denial-of-service (DoS)

2024-08-21T17:54+09:00

Packetbeat provided by Elastic contains a denial-of-service (DoS) vulnerability. Packetbeat provided by Elastic is a network packet analyzer. Packetbeat contains a flaw in processing the PostgreSQL handler (CWE-129) .

Multiple vulnerabilities in LogonTracer

2024-08-21T17:37+09:00

LogonTracer provided by JPCERT Coordination Center is a tool to investigate malicious Windows logon by visualizing and analyzing Windows event log. LogonTracer contains multiple vulnerabilities listed below. * Cross-site Scripting (CWE-79) - CVE-2018-16165 CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1 CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N Base Score: 4.3 * XXE (XML External Entity) Injection (CWE-611) - CVE-2018-16166 CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L Base Score: 6.1 CVSS v2 AV:N/AC:L/Au:N/C:P/I:N/A:N Base Score: 5.0 * OS Command Injection (CWE-78) - CVE-2018-16167 CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Base Score: 10.0 CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:P Base Score: 7.5 * Code Injection (CWE-94) - CVE-2018-16168 CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Base Score: 10.0 CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:P Base Score: 7.5 Shoji Baba of Kobe Digital Labo, Inc. reported these vulnerabilities to JPCERT/CC, and JPCERT/CC fixed those vulnerabilities and released the updated version of software.

A vulnerability in TOYOTA MOTOR's DCU (Display Control Unit)

2024-08-20T18:12+09:00

TOYOTA MOTOR's DCU contains a vulnerability which is triggered by BlueBorne vulnerability. TOYOTA MOTER CORPORATION reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Trend Micro Security (Consumer) Driver vulnerable to Out-of-bounds Read

2024-08-20T17:52+09:00

Trend Micro Security (Consumer) Driver is vulnerable to Out-of-bounds Read. Multiple products provided by Trend Micro Incorporated contain Out-of-bounds Read vulnerability (CWE-125). Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

"Rakuten Ichiba App" fails to restrict custom URL schemes properly

2024-08-20T16:56+09:00

"Rakuten Ichiba App" provided by Rakuten Group, Inc. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites. Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

EL Injection Vulnerability in Hitachi Tuning Manager

2024-08-15T09:38+09:00

An EL Injection Vulnerability exists in Hitachi Tuning Manager. CVE-2024-5828:EL Injection Vulnerability in Hitachi Tuning Manager (Display new window)

WAON service app for Android fails to verify SSL server certificates

2024-08-15T09:36+09:00

WAON service app for Android provided by AEON CO., LTD. fails to verify SSL server certificates. Gaku Taniguchi of RiskFinder,inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Firmware update for RICOH JavaTM Platform resets the TLS configuration

2024-08-06T15:13+09:00

JavaTM Platform provided by Ricoh Company, Ltd. is the execution environment for firmware extensions of Ricoh MFPs and printers, providing TLS (Transport Layer Security) communication mechanism. When the firmware for JavaTM Platform is updated from Ver.12.89 or earlier versions to a newer version, the TLS configuration is reset to "TLS 1.0: enabled" and "TLS 1.1: enabled" (CWE-1188). Ricoh Company, Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Ricoh Company, Ltd. coordinated under the Information Security Early Warning Partnership.

Cybozu Office vulnerable to bypass browsing restrictions in Custom App

2024-08-06T14:59+09:00

Cybozu Office provided by Cybozu, Inc. contains a vulnerability which allows to bypass browsing restrictions in Custom App (CWE-201). Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

Pimax Play and PiTool accept WebSocket connections from unintended endpoints

2024-08-05T13:58+09:00

Pimax Play and PiTool provided by Pimax accept WebSocket connections from unintended endpoints (CWE-923). Rei Yano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN

2024-08-05T13:46+09:00

ZWX-2000CSW2-HN provided by ZEXELON CO., LTD. is a high-speed coaxial modem with wireless LAN functions. ZWX-2000CSW2-HN contains multiple vulnerabilities listed below.

Use of hard-coded credentials (CWE-798) - CVE-2024-39838
Incorrect permission assignment for critical resource (CWE-732) - CVE-2024-41720

Hiroki Sato of Tokyo Institute of Technology reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

FFRI AMC vulnerable to OS command injection

2024-07-30T16:40+09:00

FFRI AMC provided by FFRI Security, Inc. is a management console for the endpoint security product FFRI yarai and ActSecure X. FFRI AMC contains an OS command injection vulnerability (CWE-78). It is exploitable when the notification program setting is enabled, the executable file path is configured with a batch file (.bat) or command file (.cmd), and the file is written in a certain style. FFRI Security, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and FFRI Security, Inc. coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in ELECOM wireless LAN routers

2024-09-24T17:04+09:00

Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type (CWE-434) CVE-2024-34021 OS Command Injection (CWE-78) CVE-2024-39607 Cross-Site Request Forgery (CWE-352) CVE-2024-40883 CVE-2024-34021 Toyama Taku, and Daichi Arai of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-39607, CVE-2024-40883 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

EC-CUBE plugin (for EC-CUBE 4 series) "EC-CUBE Web API Plugin" vulnerable to stored cross-site scripting

2024-07-30T14:06+09:00

EC-CUBE plugin (for EC-CUBE 4 series) "EC-CUBE Web API Plugin" provided by EC-CUBE CO.,LTD. contains a stored cross-site scripting vulnerability (CWE-79) in OAuth Management feature. EC-CUBE CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and EC-CUBE CO.,LTD. coordinated under the Information Security Early Warning Partnership.

EC-CUBE 4 Series improper input validation when installing plugins

2024-07-30T13:56+09:00

EC-CUBE 4 series provided by EC-CUBE CO.,LTD improperly validates inputs when installing plugins (CWE-349). EC-CUBE CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and EC-CUBE CO.,LTD. coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series

2024-07-29T17:51+09:00

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below. * Initialization of a Resource with an Insecure Default (CWE-1188) CVE-2024-31070 * Active Debug Code (CWE-489) CVE-2024-36475 * OS Command Injection (CWE-78) CVE-2024-36491 * Buffer Overflow (CWE-120) CVE-2020-10188 The product uses previous versions of netkit-telnet which contains a known vulnerability. CVE-2024-31070, CVE-2024-36475 Katsuhiko Sato(a.k.a. goroh_kun) of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer. CVE-2024-36491, CVE-2020-10188 Century Systems Co., Ltd. reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN.

SDoP contains a stack-based buffer overflow vulnerability.

2024-07-29T17:24+09:00

SDoP fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability (CWE-121). Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in SKYSEA Client View

2024-07-31T14:12+09:00

SKYSEA Client View provided by Sky Co.,LTD. is an Enterprise IT Asset Management Tool. SKYSEA Client View contains multiple vulnerabilities listed below.

Improper access control in the specific process (CWE-266) - CVE-2024-41139
Origin validation error in shared memory data exchanges (CWE-346) - CVE-2024-41143
Path traversal (CWE-22) - CVE-2024-41726

Ruslan Sayfiev, and Denis Faiustov of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to Sky Co.,LTD. and coordinated. Sky Co.,LTD. and JPCERT/CC published respective advisories in order to notify users of the solutions through JVN.

Multiple products from Check Point Software Technologies vulnerable to information disclosure

2024-10-24T16:37+09:00

Multiple products from Check Point Software Technologies contain an information disclosure vulnerability (CWE-200,CVE-2024-24919). JPCERT/CC coordinated with Check Point Software Technologies to publish this advisory in order to notify users of this vulnerability.

ORC vulnerable to stack-based buffer overflow

2024-07-26T13:55+09:00

ORC provided by GStreamer is typically used when developing GStreamer plugins. Stack-based buffer overflow vulnerability (CWE-121) exists in orcparse.c of ORC. Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Assimp vulnerable to heap-based buffer overflow

2024-07-18T13:44+09:00

Assimp provided by Open Asset Import Library contains a heap-based buffer overflow vulnerability (CWE-122). Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Cybozu Garoon vulnerable to cross-site scripting

2024-07-16T16:14+09:00

Cybozu Garoon provided by Cybozu, Inc. contains a cross-site scripting vulnerability in PDF preview (CWE-79). Masato Kinugawa reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN.

FUJITSU Network Edgiot GW1500 vulnerable to path traversal

2024-07-16T14:41+09:00

FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS) provided by Fujitsu Limited contains a path traversal vulnerability (CWE-22). Eddy HUYNH & Jonathan PAUC from LCIE - BUREAU VERITAS CPS reported this vulnerability to Fujitsu Limited and coordinated. After the coordination was completed, Fujitsu Limited reported the case to JPCERT/CC to notify users of the solution through JVN.

Out-of-bounds write vulnerability in Ricoh MFPs and printers

2024-07-10T14:16+09:00

MFPs (multifunction printers) and printers provided by Ricoh Company, Ltd. contain an out-of-bounds write vulnerability (CWE-787). Ricoh Company, Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Ricoh Company, Ltd. coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in multiple Webmin products

2024-07-09T14:27+09:00

Multiple Webmin products contain multiple vulnerabilities listed below. * sysinfo.cgi is vulnerable to cross-site scripting (CWE-79) CVE-2024-36450 * session_login.cgi is vulnerable to cross-site scripting (CWE-79) CVE-2024-36453 * ajaxterm module is vulnerable to improper handling of insufficient permissions or privileges (CWE-280) CVE-2024-36451 * ajaxterm module is vulnerable to cross-site request forgery (CWE-352) CVE-2024-36452 CVE-2024-36450, CVE-2024-36451, CVE-2024-36452 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-36453 hibiki moriyama of STNet, Incorporated reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Cleartext transmission issue in TONE store App to TONE store

2024-07-08T13:43+09:00

TONE store App provided by DREAM TRAIN INTERNET INC. contains a cleartext transmission issue to TONE store website (CWE-419). Kodai Karakawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

JP1/Extensible SNMP Agent fails to restrict access permissions

2024-07-03T14:57+09:00

JP1/Extensible SNMP Agent provided by Hitachi fails to restrict access permissions (CWE-276). Yutaka Kokubu, Shun Suzaki, and Kazuki Hirota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple TP-Link products vulnerable to OS command injection

2024-06-28T17:38+09:00

Multiple products provided by TP-LINK contains an OS command injection vulnerability (CWE-78) related to the backup/restore function. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

"Piccoma" App uses a hard-coded API key for an external service

2024-06-28T13:18+09:00

"Piccoma" App for Android and "Piccoma" App for iOS provided by Kakao piccoma Corp. use a hard-coded API key for an external service (CWE-798). Yoshihito Sakai of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WordPress plugins "WP Tweet Walls" and "Sola Testimonials" vulnerable to cross-site request forgery

2024-06-26T14:25+09:00

WordPress plugins "WP Tweet Walls" and "Sola Testimonials" provided by Sola Plugins contain a cross-site request forgery vulnerability (CWE-352). These vulnerabilities are reported by the following reporters, and JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-38344: Yuya Asato of GMO Cybersecurity by Ierae, Inc. CVE-2024-38345: Yuta Takanashi

LINE client for iOS vulnerable to universal cross-site scripting

2024-06-24T11:05+09:00

The in-app browser of LINE client for iOS provided by LY Corporation contains a universal cross-site scripting vulnerability (CWE-79, CVE-2024-5739). LY Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in multiple Trend Micro products

2024-06-20T14:59+09:00

Trend Micro Incorporated has released security updates for multiple Trend Micro products. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

"ZOZOTOWN" App for Android fails to restrict custom URL schemes properly

2024-06-19T16:04+09:00

"ZOZOTOWN" App for Android provided by ZOZO, Inc. provides the function to access a URL requested via Custom URL Scheme. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites.

WordPress plugin "SiteGuard WP Plugin" may leak the customized path to the login page

2024-06-19T14:25+09:00

WordPress plugin "SiteGuard WP Plugin" provided by EG Secure Solutions Inc. provides a functionality to customize the path to the login page wp-login.php. The plugin implements a measure to avoid redirection from other URLs, but missed to implement a measure to avoid redirection from wp-register.php (CWE-201). Yuuta Watanabe of STNet, Incorporated reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Ricoh Streamline NX PC Client

2024-06-18T14:56+09:00

Ricoh Streamline NX PC Client provided by RICOH COMPANY, LTD. contains multiple vulnerabilities listed below. * [ricoh-2024-000004] Improper restriction of communication channel to intended endpoints (CWE-923) - CVE-2024-36252 * [ricoh-2024-000005] Use of hard-coded credentials (CWE-798) - CVE-2024-36480 * [ricoh-2024-000006] Use of potentially dangerous function (CWE-676) - CVE-2024-37124 * [ricoh-2024-000007] Use of potentially dangerous function (CWE-676) - CVE-2024-37387 CVE-2024-36252 Cai, Qi Qi of Siemens China Cybersecurity Testing Center - Shadowless Lab reported this vulnerability to RICOH COMPANY, LTD. and coordinated. After the coordination was completed, RICOH COMPANY, LTD. reported the case to IPA to notify users of the solution through JVN. CVE-2024-36480, CVE-2024-37124, CVE-2024-37387 Abian Blome of Siemens Energy reported these vulnerabilities to RICOH COMPANY, LTD. and coordinated. After the coordination was completed, RICOH COMPANY, LTD. reported the case to IPA to notify users of the solution through JVN.

Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR

2024-06-18T13:43+09:00

ID Link Manager and FUJITSU Software TIME CREATOR provided by Fsas Technologies Inc. contain multiple vulnerabilities listed below. * Path Traversal (CWE-36) (CVE-2024-33620) * Missing Authentication (CWE-306) (CVE-2024-33622) * Information disclosure (CWE-204) (CVE-2024-34024) Christian Demko of WithSecure KK reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer Fsas Technologies Inc.

Multiple vulnerabilities in Toshiba Tec and Oki Electric Industry MFPs

2024-06-17T15:21+09:00

MFPs (multifunction printers) provided by Toshiba Tec Corporation and Oki Electric Industry Co., Ltd. contain multiple vulnerabilities listed below.

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') (CWE-776) - CVE-2024-27141, CVE-2024-27142
Execution with Unnecessary Privileges (CWE-250) - CVE-2024-27143, CVE-2024-27146, CVE-2024-27147, CVE-2024-3498
Incorrect Default Permissions (CWE-276) - CVE-2024-27148, CVE-2024-27149, CVE-2024-27150, CVE-2024-27151, CVE-2024-27152, CVE-2024-27153, CVE-2024-27155, CVE-2024-27167, CVE-2024-27171
Path Traversal (CWE-22) - CVE-2024-27144, CVE-2024-27145, CVE-2024-27173, CVE-2024-27174, CVE-2024-27176, CVE-2024-27177, CVE-2024-27178
Insertion of Sensitive Information into Log File (CWE-532) - CVE-2024-27154, CVE-2024-27156, CVE-2024-27157
Plaintext Storage of a Password (CWE-256) - CVE-2024-27166
Debug Messages Revealing Unnecessary Information (CWE-1295) - CVE-2024-27179
Use of Default Credentials (CWE-1392) - CVE-2024-27158
Use of Hard-coded Credentials (CWE-798) - CVE-2024-27159, CVE-2024-27160, CVE-2024-27161, CVE-2024-27168, CVE-2024-27170
Use of Hard-coded Password (CWE-259) - CVE-2024-27164
Cross-site Scripting (CWE-79) - CVE-2024-27162
Cleartext Transmission of Sensitive Information (CWE-319) - CVE-2024-27163
Least Privilege Violation (CWE-272) - CVE-2024-27165
Missing Authentication for Critical Function (CWE-306) - CVE-2024-27169
OS Command Injection (CWE-78) - CVE-2024-27172
External Control of File Name or Path (CWE-73) - CVE-2024-27175
Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) - CVE-2024-27180
Authentication Bypass Using an Alternate Path or Channel (CWE-288) - CVE-2024-3496
Relative Path Traversal (CWE-23) - CVE-2024-3497

Toshiba Tec Corporation reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Denial-of-service (DoS) vulnerability in IPCOM WAF function

2024-06-12T15:03+09:00

WAF function of IPCOM provided by Fsas Technologies Inc. contains a denial-of-service (DoS) vulnerability (CWE-908). Fsas Technologies Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Fsas Technologies Inc. coordinated under the Information Security Early Warning Partnership.

WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection

2024-06-10T17:08+09:00

WordPress Plugin "Music Store - WordPress eCommerce" provided by CodePeople contains an SQL injection vulnerability (CWE-89). Daiki Sato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in "FreeFrom - the nostr client" App

2024-06-07T14:51+09:00

"FreeFrom - the nostr client" App provided by FreeFrom K.K. contains multiple vulnerabilities listed below.

Improper verification of cryptographic signature (CWE-347) - CVE-2024-36277
Reliance on obfuscation or encryption of security-relevant inputs without integrity checking (CWE-649) - CVE-2024-36279
Reusing a nonce, key pair in encryption (CWE-323) - CVE-2024-36289

The people listed below reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Hayato Kimura of University of Hyogo Ryoma Ito of National Institute of Information and Communications Technology (NICT) Kazuhiko Minematsu of NEC Corporation/Yokohama National University Takanori Isobe of University of Hyogo

Multiple vulnerabilities in UNIVERSAL PASSPORT RX

2024-06-03T15:32+09:00

UNIVERSAL PASSPORT RX provided by Japan System Techniques Co., Ltd. contains multiple vulnerabilities listed below.

Cross-site scripting (CWE-79) - CVE-2023-42427
Dependency on vulnerable third-party component (CWE-1395)
Known vulnerability in Primefaces library used in the product
Cross-site scripting (CWE-79) - CVE-2023-51436

CVE-2023-42427 Japan System Techniques Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Japan System Techniques Co., Ltd. coordinated under the Information Security Early Warning Partnership. Known vulnerability in Primefaces library Morita Keiichi and Watanabe Kosuke of Tokyo Denki University reported to Japan System Techniques Co., Ltd. that this vulnerability still exists in the product and coordinated. Japan System Techniques Co., Ltd. and JPCERT/CC published respective advisories in order to notify users of this vulnerability. CVE-2023-51436 MATSUMOTO Yuuki of Tokyo University of Information Sciences reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Seiko Solutions SkyBridge MB-A100/MB-A110 and SkyBridge BASIC MB-A130 vulnerable to OS command injection

2024-06-03T14:53+09:00

SkyBridge MB-A100/MB-A110 and SkyBridge BASIC MB-A130 provided by Seiko Solutions Inc. contain a command injection vulnerability (CWE-77). Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in Sharp and Toshiba Tec MFPs

2024-06-03T14:36+09:00

Sharp and Toshiba Tec MFPs (multifunction printers) contain multiple vulnerabilities listed below. * Stack-based Buffer Overflow (CWE-121) - CVE-2024-28038 * Incorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28955 * Cleartext Storage of Sensitive Information (CWE-312) - CVE-2024-29146 * Plaintext Storage of a Password (CWE-256) - CVE-2024-29978 * Storing Passwords in a Recoverable Format (CWE-257) - CVE-2024-32151 * Path Traversal (CWE-22) - CVE-2024-33605 * Improper Access Control (CWE-284) - CVE-2024-33610, CVE-2024-33616 * Access to Critical Private Variable via Public Method (CWE-767) - CVE-2024-34162 * Use of Hard-coded Credentials (CWE-798) - CVE-2024-35244, CVE-2024-36248 * Cross-site Scripting (CWE-79) - CVE-2024-36249 * Out-of-bounds Read (CWE-125) - CVE-2024-36251, CVE-2024-36254 As for the vulnerabilities listed below, Pierre Barre reported them to JPCERT/CC, and JPCERT/CC coordinated with Sharp Corporation. CVE-2024-28038, CVE-2024-28955, CVE-2024-29146, CVE-2024-29978, CVE-2024-32151, CVE-2024-33605, CVE-2024-33610, CVE-2024-33616, CVE-2024-34162, CVE-2024-35244, CVE-2024-36248, CVE-2024-36251, CVE-2024-36254 As for the vulnerabilities listed below, Sharp Corporation received reports and coordinated with the reporters directly, and after the coordination was completed, Sharp reported them to JPCERT/CC to notify the users of the solutions through JVN. CVE-2024-33610, CVE-2024-36249, CVE-2024-36251, CVE-2024-36254

awkblog vulnerable to OS command injection

2024-05-30T14:39+09:00

awkblog provided by Keisuke Nakayama contains an OS command injection vulnerability (CWE-78). Keigo YAMAZAKI of LAC Co., Ltd. / Nuligen Security Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Redmine DMSF Plugin vulnerable to path traversal

2024-05-29T14:13+09:00

Redmine DMSF Plugin provided by Kontron contains a path traversal vulnerability (CWE-22). Tsukuba Secure Network Research Co. Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

EC-Orange vulnerable to authorization bypass

2024-05-29T14:06+09:00

EC-Orange provided by S-cubism Inc. is an e-commerce website building system package based on an open source software EC-CUBE. EC-Orange contains an authorization bypass vulnerability (CWE-639). This is the same issue as JVN#51770585 (EC-CUBE vulnerable to authorization bypass). This vulnerability was reported on July 2015. The coordination with the developer was resumed on December 2023, and this JVN publication was agreed upon.

ELECOM wireless LAN routers vulnerable to OS command injection

2024-05-29T12:33+09:00

Wireless LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability (CWE-78). Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in Unifier and Unifier Cast

2024-05-28T14:47+09:00

Unifier and Unifier Cast provided by Yokogawa Rental & Lease Corporation contains multiple vulnerabilities listed below.

Incorrect Default Permissions configured by Cast Launcher (CWE-276) - CVE-2024-23847
Missing Authorization for coejobhook Command Execution (CWE-862) - CVE-2024-36246

CVE-2024-23847 Yokogawa Rental & Lease Corporation reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Yokogawa Rental & Lease Corporation coordinated under the Information Security Early Warning Partnership. CVE-2024-36246 Taisei Ogura of MOTEX Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in UTAU

2024-05-28T14:23+09:00

UTAU provided by ameya/ayame contains multiple vulnerabilities listed below.

OS command injection (CWE-78) - CVE-2024-28886
Path Traversal (CWE-22) - CVE-2024-32944

Yu Ishibashi reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

OMRON NJ/NX series vulnerable to insufficient verification of data authenticity

2024-07-26T16:27+09:00

Machine Automation Controller NJ/NX series provided by OMRON Corporation contain an issue with insufficient verification of data authenticity (CWE-345). OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Splunk Config Explorer vulnerable to cross-site scripting

2024-05-24T13:50+09:00

Splunk Config Explorer provided by Chris Younger contains a reflected cross-site scripting vulnerability (CWE-79). Taihei Shimamine of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WordPress Plugin "WP Booking" vulnerable to cross-site scripting

2024-05-24T13:41+09:00

WordPress Plugin "WP Booking" provided by aviplugins.com contains a stored cross-site scripting vulnerability (CWE-79). Daiki Sato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Android App "TP-Link Tether" and "TP-Link Tapo" vulnerable to improper server certificate verification

2024-05-21T13:33+09:00

Android App "TP-Link Tether" and "TP-Link Tapo" provided by TP-LINK GLOBAL INC. are vulnerable to improper server certificate verification (CWE-295). Kenichiro Ito of TDU Cryptography Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Panasonic KW Watcher vulnerable to memory buffer error

2024-05-17T15:46+09:00

KW Watcher provided by Panasonic contains a vulnerability due to improper restriction of operations within the bounds of a memory buffer (CWE-119, CVE-2024-4162). Michael Heinzl reported this vulnerability to Panasonic and coordinated. After the coordination was completed, Panasonic reported the case to JPCERT/CC to notify users of the solutions through JVN.

Ruijie BCR810W/BCR860 vulnerable to OS command injection

2024-05-17T13:54+09:00

Network router BCR810W/BCR860 provided by Ruijie Networks Co., Ltd. contains an OS command injection vulnerability (CVE-2023-3608, CWE-78). Note that this vulnerability can only be exploited when the BCOS port of the product is connected to the Internet. JPCERT/CC has confirmed attacks attempt to exploit this vulnerability.

WordPress Plugin "Download Plugins and Themes from Dashboard" vulnerable to path traversal

2024-05-17T13:33+09:00

WordPress Plugin "Download Plugins and Themes from Dashboard" provided by WPFactory LLC contains a path traversal vulnerability (CWE-22). Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to WPFactory LLC and coordinated. After the coordination was completed, this case was reported to IPA under Information Security Early Warning Partnership, and JPCERT/CC coordinated with the developer for publishing of this advisory.

Multiple vulnerabilities in Field Logic DataCube

2024-05-17T12:05+09:00

DataCube provided by Field Logic Inc. contains multiple vulnerabilities listed below. * Direct Request ('Forced Browsing') (CWE-425) - CVE-2024-25830 * Reflected cross-site scripting (CWE-79) - CVE-2024-25831 * Unrestricted upload of file with dangerous type (CWE-434) - CVE-2024-25832 * SQL injection (CWE-89) - CVE-2024-25833 CVE-2024-25830, CVE-2024-25831, CVE-2024-25832, CVE-2024-25833 Thomas J. Knudsen and Samy Younsi of NeroTeam Security Labs reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer. CVE-2024-25832 CV3TR4CK reported this vulnerability to JPCERT/CC during the coordination based on the above report.

Central Dogma vulnerable to cross-site scripting

2024-05-13T17:27+09:00

Central Dogma provided by LY Corporation contains a cross-site scripting vulnerability (CWE-79, CVE-2024-1143) because RelayState data is not properly treated when Central Dogma processes SAML messages. LY Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in Cybozu Garoon

2024-05-13T15:19+09:00

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. * [CyVDB-3167] Improper handling of data in Mail (CWE-231) - CVE-2024-31397 * [CyVDB-3221] Improper restriction on the output of some API (CWE-201) - CVE-2024-31398 * [CyVDB-3238] Excessive resource consumption in Mail (CWE-1050) - CVE-2024-31399 * [CyVDB-3439] Cross-site scripting vulnerability in Scheduler (CWE-79) - CVE-2024-31401 * [CyVDB-3441] Improper restriction on some operation in Shared To-Dos (CWE-863) - CVE-2024-31402 * [CyVDB-3402] Information disclosure in Mail (CWE-201) - CVE-2024-31400 * [CyVDB-3151] Improper restriction on browsing and operation in Memo (CWE-863) - CVE-2024-31403 * [CyVDB-3471] Browse restriction bypass in Scheduler (CWE-201) - CVE-2024-31404 CVE-2024-31401 @bttthuan reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. CVE-2024-31403 Yuji Tounai reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. CVE-2024-31397, CVE-2024-31398, CVE-2024-31399, CVE-2024-31400, CVE-2024-31402, CVE-2024-31404 Cybozu, Inc. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

"OfferBox" App uses a hard-coded secret key

2024-05-10T15:11+09:00

"OfferBox" App provided by i-plug inc. uses a hard-coded secret key for JWT (CWE-321). Yuta Yamate of Rakuten Group, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Hidden Functionality vulnerability in DT900

2024-05-10T13:59+09:00

DT900 contains a Hidden Functionality vulnerability(CWE-912). Specified versions allow an attacker to access the system setting. reported by Mr. Gianluca Altomani and Mr. Manuel Romei. for NEC-PSIRT

Phormer vulnerable to cross-site scripting

2024-05-10T13:48+09:00

Phormer contains a cross-site scripting vulnerability (CWE-79). Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in MosP kintai kanri

2024-05-09T14:10+09:00

MosP kintai kanri provided by esMind, LLC contains multiple vulnerabilities listed below.

Path Traversal (CWE-22) - CVE-2024-28880
Incorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-29078

Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WordPress Plugin "Heateor Social Login WordPress" vulnerable to cross-site scripting

2024-05-08T13:43+09:00

WordPress Plugin "Heateor Social Login WordPress" provided by Heateor contains a stored cross-site scripting vulnerability (CWE-79). Daiki Sato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Trend Micro Maximum Security vulnerable to improper link resolution (CVE-2024-32849)

2024-05-08T10:19+09:00

Trend Micro Incorporated has released a security update for Trend Micro Maximum Security, fixing an improper link resolution vulnerability(CWE-59, CVE-2024-32849). Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

NETGEAR routers vulnerable to buffer overflow

2024-04-25T11:21+09:00

Multiple routers provided by NETGEAR Inc. contain a buffer overflow vulnerability (CWE-121, CVE-2023-27368). Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in RoamWiFi R10

2024-04-24T13:44+09:00

RoamWiFi R10 provided by RoamWiFi Technology Co., Ltd. contains multiple vulnerabilities listed below. * Active debug code (CWE-489) - CVE-2024-31406 * Insertion of sensitive information into log file (CWE-532) - CVE-2024-32051 Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in OMRON Sysmac Studio/CX-One and CX-Programmer

2024-04-24T10:13+09:00

OMRON Sysmac Studio/CX-One and CX-Programmer contain multiple vulnerabilities listed below. * Out-of-bounds read (CWE-125) - CVE-2024-31412 * Free of pointer not at start of buffer (CWE-761) - CVE-2024-31413 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

TvRock vulnerable to cross-site request forgery

2024-04-23T18:22+09:00

TvRock provided by TvRock (according to the original report submitted by the reporter) is a tool to set a timer recording for a TV program. TvRock contains a cross-site request forgery vulnerability (CWE-352). During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on December 20, 2023, it was judged that an advisory for this vulnerability shall be disclosed since all the criteria and conditions described below which are stated in Standards for Handling Vulnerability related Information of Software Products and Other and Information Security Early Warning Partnership Guideline have been satisfied. 1. The developer of the product is unreachable 2. Existence of vulnerability has been verified 3. Not disclosing this case may result in the risk that product users will have no means to know of the existence of the vulnerability in the product 4. There are no particular reasons that would make disclosure inappropriate

TvRock vulnerable to denial-of-service (DoS)

2024-04-23T18:21+09:00

TvRock provided by TvRock (according to the original report submitted by the reporter) is a tool to set a timer recording for a TV program. TvRock contains a denial-of-service (DoS) vulnerability (CWE-400). During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on December 20, 2023, it was judged that an advisory for this vulnerability shall be disclosed since all the criteria and conditions described below which are stated in Standards for Handling Vulnerability related Information of Software Products and Other and Information Security Early Warning Partnership Guideline have been satisfied. 1. The developer of the product is unreachable 2. Existence of vulnerability has been verified 3. Not disclosing this case may result in the risk that product users will have no means to know of the existence of the vulnerability in the product 4. There are no particular reasons that would make disclosure inappropriate

Armeria-saml improperly handles SAML messages

2024-04-22T17:28+09:00

Armeria-saml provided by LY Corporation contains an issue in handling SAML messages (CWE-304, CVE-2024-1735). LY Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

LINE client for iOS vulnerable to improper server certificate verification

2024-04-22T15:27+09:00

The financial module within LINE client for iOS lacks server certificate verification in log transmission (CWE-295, CVE-2023-5554). LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in WordPress Plugin "Forminator"

2024-04-18T13:53+09:00

WordPress Plugin "Forminator" provided by WPMU DEV contains multiple vulnerabilities listed below. * Unrestricted upload of file with dangerous type (CWE-434) * SQL injection (CWE-89) * Cross-site scripting (CWE-79) hibiki moriyama of STNet, Incorporated reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Proscend Communications M330-W and M330-W5 vulnerable to OS command injection

2024-04-16T14:30+09:00

M330-W and M330-W5 provided by Proscend Communications Inc. are LTE Industrial Cellular Routers. M330-W and M330-W5 contain an OS command injection vulnerability (CWE-78). CYNEX Analysis Team of National Institute of Information and Communications Technology reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in BUFFALO wireless LAN routers

2024-04-15T16:29+09:00

Multiple wireless LAN routers provided by BUFFALO INC. contain multiple vulnerabilities listed below. * Plaintext storage of a password (CWE-256) * OS Command Injection (CWE-78) Satoru Nagaoka of Cyber Defense Institute, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in a-blog cms

2024-04-10T13:55+09:00

a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below. * Stored cross-site scripting vulnerability in Entry editing pages (CWE-79) - CVE-2024-30419 * Server-side request forgery (CWE-918) - CVE-2024-30420 * Directory traversal (CWE-22) - CVE-2024-31394 * Stored cross-site scripting vulnerability in Schedule labeling pages (CWE-79) - CVE-2024-31395 * Code injection (CWE-94) - CVE-2024-31396 Rikuto Tauchi of sangi reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in WordPress Plugin "Ninja Forms"

2024-04-08T13:44+09:00

WordPress Plugin "Ninja Forms" provided by Saturday Drive contains multiple vulnerabilities listed below. * Cross-site request forgery (CWE-352) - CVE-2024-25572 * Stored cross-site scripting in submit processing (CWE-79) - CVE-2024-26019 * Stored cross-site scripting in custom fields for labels (CWE-79) - CVE-2024-29220 CVE-2024-25572 Kohei Agena reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-26019, CVE-2024-29220 Ryotaro Imamura of SB Technology Corp. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Cente middleware

2024-09-24T15:00+09:00

Some products in Cente middleware TCP/IP Network Series developed by DMG MORI Digital Co., LTD. and provided by NEXT Co., Ltd. contain multiple vulnerabilities listed below. * Out-of-bounds Read caused by improper checking of the option length values in IPv6 NDP packets (CWE-125) * Out-of-bounds Read caused by improper checking of the option length values in IPv6 headers (CWE-125) * Generation of Predictable Identifiers (CWE-340) DMG MORI Digital Co., LTD. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Multiple vulnerabilities in NEC Aterm series

2024-04-05T14:53+09:00

Aterm series provided by NEC Corporation contains multiple vulnerabilities listed below.

Incorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28005
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28006
Incorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28007
Active Debug Code (CWE-489) - CVE-2024-28008
Use of Weak Credentials (CWE-1391) - CVE-2024-28009, CVE-2024-28012
Use of Hard-coded Credentials (CWE-798) - CVE-2024-28010
Inclusion of Undocumented Features (CWE-1242) - CVE-2024-28011
Insufficient Session Expiration (CWE-613) - CVE-2024-28013
Buffer Overflow (CWE-120) - CVE-2024-28014
OS Command Injection in the web management console (CWE-78) - CVE-2024-28015
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28016

The following people reported the vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-28005, CVE-2024-28008 Ryo Kashiro, and Katsuhiko Sato, and Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University CVE-2024-28006, CVE-2024-28007, CVE-2024-28009, CVE-2024-28010, CVE-2024-28011, CVE-2024-28012 Ryo Kashiro, and Katsuhiko Sato CVE-2024-28013 Yudai Morii, Takaya Noma, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University CVE-2024-28014, CVE-2024-28015, CVE-2024-28016 Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University

Multiple vulnerabilities in PLANEX COMMUNICATIONS wireless LAN router MZK-MF300N

2024-04-05T14:17+09:00

Wireless LAN router MZK-MF300N provided by PLANEX COMMUNICATIONS INC. contains multiple vulnerabilities listed below. * Active debug code (CWE-489) * Command Injection on certain port (CWE-77) Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

FURUNO SYSTEMS Managed Switch ACERA 9010 running in non MS mode with the initial configuration has no password

2024-04-02T18:03+09:00

In the initial configuration of Managed Switch ACERA 9010 provided by FURUNO Systems Co., Ltd., the password is empty (CWE-258) and the remote access service is enabled. The products are affected only when running in non MS mode with the initial configuration. FURUNO SYSTEMS Co.,Ltd. reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.

KEYENCE VT STUDIO may insecurely load Dynamic Link Libraries

2024-04-01T14:44+09:00

VT STUDIO provided by KEYENCE CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427, CVE-2024-28099). KEYENCE CORPORATION reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in KEYENCE KV STUDIO, KV REPLAY VIEWER, and VT5-WX15/WX12

2024-09-25T13:51+09:00

KV STUDIO, KV REPLAY VIEWER, and VT5-WX15/WX12 provided by KEYENCE CORPORATION contain multiple vulnerabilities listed below. * Out-of-bounds write (CWE-787) - CVE-2024-29218 * Out-of-bounds read (CWE-125) - CVE-2024-29219 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

"Yahoo! JAPAN" App vulnerable to cross-site scripting

2024-03-29T13:28+09:00

"Yahoo! JAPAN" App provided by LY Corporation contains a cross-site scripting vulnerability (CWE-79). Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

SEEnergy SVR-116 vulnerable to OS command injection

2024-03-28T11:38+09:00

Network video recorder SVR-116 provided by SEEnergy Corp. contains an OS command injection vulnerability (CWE-78). Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC to notify users its existence and the solutions through JVN.

Security information for Hitachi Disk Array Systems

2024-03-27T15:52+09:00

Log files of Hitachi Disk Array Systems have the CVE-2022-36407 Plaintext Storage of Passwords vulnerability.

Multiple vulnerabilities in WordPress Plugin "Survey Maker"

2024-03-27T14:48+09:00

WordPress Plugin "Survey Maker" provided by AYS Pro Plugins contains multiple vulnerabilities listed below.

Stored cross-site scripting (CWE-79) - CVE-2023-34423
Insufficient verification of data authenticity (CWE-345) - CVE-2023-35764

Atsuya Yoda of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

SonicDICOM Media Viewer may insecurely load Dynamic Link Libraries

2024-03-27T14:31+09:00

SonicDICOM Media Viewer provided by Fujidenolo Solutions Co., Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Taihei Shimamine of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to the developer and coordinated. After the coordination was completed, Taihei Shimamine reported the case to JPCERT/CC to notify users of the solution through JVN.

Multiple vulnerabilities in ELECOM wireless LAN routers

2024-08-28T17:16+09:00

Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. * OS Command Injection (CWE-78) - CVE-2024-25568 * OS Command Injection (CWE-78) - CVE-2024-26258 * Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) - CVE-2024-29225 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Mini Thread vulnerable to cross-site scripting

2024-03-26T17:43+09:00

Mini Thread <http://www.flashcgi.net/> provided by Flash CGI (according to the original report submitted by the reporter) is a CGI script for creating a bulletin board system (BBS). Mini Thread contains a cross-site scripting vulnerability (CWE-79). During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on December 20, 2023, it was judged that an advisory for this vulnerability shall be disclosed since all the criteria and conditions described below which are stated in Standards for Handling Vulnerability related Information of Software Products and Other and Information Security Early Warning Partnership Guideline have been satisfied. 1.The developer of the product is unreachable 2.Existence of vulnerability has been verified 3.Not disclosing this case may result in the risk that product users will have no means to know of the existence of the vulnerability in the product 4.There are no particular reasons that would make disclosure inappropriate

ffBull vulnerable to OS command injection

2024-03-26T16:07+09:00

ffBull <http://www.gem.hi-ho.ne.jp/fortunefield/cgi/ffbull.html> (according to the original report submitted by the reporter) provided by Fortunefield is a bulletin board system (BBS). ffBull contains an OS command injection vulnerability (CWE-78). During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on December 20, 2023, it was judged that an advisory for this vulnerability shall be disclosed since all the criteria and conditions described below which are stated in Standards for Handling Vulnerability related Information of Software Products and Other and Information Security Early Warning Partnership Guideline have been satisfied. 1.The developer of the product is unreachable 2.Existence of vulnerability has been verified 3.Not disclosing this case may result in the risk that product users will have no means to know of the existence of the vulnerability in the product 4.There are no particular reasons that would make disclosure inappropriate

"EasyRange" may insecurely load executable files

2024-03-26T15:50+09:00

"EasyRange" <http://sira.jp/soft/> provided by sira.jp (according to the original report submitted by the reporter) is a tool to extract compressed files. "EasyRange" contains an issue with the executable file search path when displaying an extracted file on Explorer, which may lead to loading an executable file resides in the same folder where the extracted file is placed (CWE-427). During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on December 20, 2023, it was judged that an advisory for this vulnerability shall be disclosed since all the criteria and conditions described below which are stated in Standards for Handling Vulnerability related Information of Software Products and Other and Information Security Early Warning Partnership Guideline have been satisfied. 1. The developer of the product is unreachable 2. Existence of vulnerability has been verified 3. Not disclosing this case may result in the risk that product users will have no means to know 4. There are no particular reasons that would make disclosure inappropriate

0ch BBS Script (0ch) vulnerable to cross-site scripting

2024-03-26T15:35+09:00

0ch BBS Script (0ch) (according to the original report submitted by the reporter) <http://0ch.mine.nu/> provided by Zerochannel (according to the original report submitted by the reporter) is bulletin board software. 0ch BBS Script (0ch) contains a cross-site scripting vulnerability (CWE-79). During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on December 20, 2023, it was judged that an advisory for this vulnerability shall be disclosed since all the criteria and conditions described below which are stated in Standards for Handling Vulnerability related Information of Software Products and Other and Information Security Early Warning Partnership Guideline have been satisfied. 1.The developer of the product is unreachable 2.Existence of vulnerability has been verified 3.Not disclosing this case may result in the risk that product users will have no means to know of the existence of the vulnerability in the product 4.There are no particular reasons that would make disclosure inappropriate

TvRock vulnerable to cross-site scripting

2024-03-26T14:27+09:00

TvRock <http://1st.geocities.jp/tvrock_web/> provided by TvRock (according to the original report submitted by the reporter) is a tool to set a timer recording for a TV program. TvRock contains a cross-site scripting vulnerability (CWE-79). During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on December 20, 2023, it was judged that an advisory for this vulnerability shall be disclosed since all the criteria and conditions described below which are stated in Standards for Handling Vulnerability related Information of Software Products and Other and Information Security Early Warning Partnership Guideline have been satisfied. 1. The developer of the product is unreachable 2. Existence of vulnerability has been verified 3. Not disclosing this case may result in the risk that product users will have no means to know 4. There are no particular reasons that would make disclosure inappropriate

WebProxy vulnerable to OS command injection

2024-03-26T14:19+09:00

WebProxy <http://www.ln-lab.net/> provided by LunarNight Laboratory (according to the original report submitted by the reporter) is software to build a proxy server. WebProxy contains an OS command injection vulnerability (CWE-78). During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on December 20, 2023, it was judged that an advisory for this vulnerability shall be disclosed since all the criteria and conditions described below which are stated in Standards for Handling Vulnerability related Information of Software Products and Other and Information Security Early Warning Partnership Guideline have been satisfied. 1. The developer of the product is unreachable 2. Existence of vulnerability has been verified 3. Not disclosing this case may result in the risk that product users will have no means to know 4. There are no particular reasons that would make disclosure inappropriate

BUFFALO LinkStation 200 series vulnerable to arbitrary code execution

2024-03-25T18:16+09:00

LinkStation 200 series provided by BUFFALO INC. is a network attached storage (NAS). LinkStation 200 series contains an arbitrary code execution vulnerability (CWE-354, CVE-2023-51073) due to insufficient verification of data authenticity during firmware update. BUFFALO INC. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in home gateway HGW BL1500HM

2024-03-25T17:28+09:00

Home gateway HGW BL1500HM provided by KDDI CORPORATION contains multiple vulnerabilities listed below. * Use of weak credentials (CWE-1391) - CVE-2024-21865, CVE-2024-29071 * Command injection (CWE-77) - CVE-2024-28041 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

WordPress Plugin "easy-popup-show" vulnerable to cross-site request forgery

2024-03-25T13:31+09:00

WordPress Plugin "easy-popup-show" provided by Ari Susanto contains a cross-site request forgery vulnerability (CWE-352). Daiki Kojima of Cryptography Laboratory, Department of Information and Communication Engineering, Tokyo Denki University reported this vulnerability to the developer and coordinated. After the coordination was completed, Daiki Kojima reported the case to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Sangoma Technologies CG/MG family driver cg6kwin2k.sys vulnerable to insufficient access control on its IOCTL

2024-04-24T11:45+09:00

CG/MG family driver cg6kwin2k.sys provided by Sangoma Technologies is vulnerable to insufficient access control on its IOCTL (CWE-782). Takahiro Haruyama of Broadcom Carbon Black reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in FitNesse

2024-03-19T11:02+09:00

FitNesse contains multiple vulnerabilities listed below.

Multiple cross-site scripting (CWE-79) - CVE-2024-23604, CVE-2024-28128
Improper restriction of XML external entity references (CWE-611) -CVE-2024-28039
OS command injection (CWE-78) - CVE-2024-28125

CVE-2024-23604, CVE-2024-28039, CVE-2024-28125 Kanta Nishitani of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-28128 Yutaka WATANABE of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

"ABEMA" App for Android fails to restrict access permissions

2024-03-15T16:37+09:00

"ABEMA" App for Android provided by AbemaTV, Inc. fails to restrict access permissions (CWE-926) that allows another app installed on the user's device to access an arbitrary URL on "ABEMA" App via Intent. Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Information Exposure Vulnerability in Cosminexus Component Container

2024-03-13T12:10+09:00

An information exposure vulnerability (CVE-2023-6814) exists in Cosminexus Component Container. Affected products and versions are listed below. Please upgrade your version to the appropriate version. These vulnerabilities exist in Cosminexus Component Container which is a component product of other Hitachi products. For details about the fixed version about Cosminexus products, contact your Hitachi support service representative.

a-blog cms vulnerable to directory traversal

2024-03-08T15:27+09:00

a-blog cms provided by appleple Inc. is a content management system (CMS). a-blog cms contains a directory traversal vulnerability (CWE-22). Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

OMRON NJ/NX series vulnerable to path traversal

2024-03-08T14:16+09:00

Machine Automation Controller NJ/NX series provided by OMRON Corporation contain a path traversal vulnerability (CWE-22, CVE-2024-27121). OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in SKYSEA Client View

2024-07-29T18:13+09:00

SKYSEA Client View provided by Sky Co.,LTD. is an Enterprise IT Asset Management Tool. SKYSEA Client View contains multiple vulnerabilities listed below. * Improper access control in the specific folder (CWE-276) - CVE-2024-21805 * Improper access control in the resident process (CWE-749) - CVE-2024-24964 CVE-2024-21805 Ken Kitahara of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-24964 Ruslan Sayfiev, and Denis Faiustov of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to Sky Co.,LTD. and coordinated. Sky Co.,LTD. and JPCERT/CC published respective advisories in order to notify users of the solutions through JVN.

FUJIFILM Business Innovation Corp. printers vulnerable to cross-site request forgery

2024-03-06T18:24+09:00

Multiple printers provided by FUJIFILM Business Innovation Corp. contain a cross-site request forgery vulnerability (CWE-352). Junnosuke Kushibiki, Ryu Kuki, Masataka Mizokuchi, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in printers and scanners which implement BROTHER Web Based Management

2024-03-06T18:12+09:00

Multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. contain multiple vulnerabilities listed below. * Improper Authentication (CWE-287) - CVE-2024-21824 * Cross-Site Request Forgery (CWE-352) - CVE-2024-22475 Hiroki Yasui, Yudai Morii, Takaya Noma, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Toyoko Inn official App vulnerable to improper server certificate verification

2024-03-06T13:53+09:00

Toyoko Inn official App provided by Toyoko Inn IT Solution Co., Ltd. is vulnerable to improper server certificate verification (CWE-295). Ryo Nihonyanagi of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Protection mechanism failure in RevoWorks

2024-02-29T15:40+09:00

RevoWorks SCVX and RevoWorks Browser provided by J's Communication Co., Ltd. enable users to execute web browsers in the sandboxed environment isolated from the client's local environment. In the products, file exchange between the sandboxed environment and local environment is prohibited in principle, but by using the optional "VirusChecker" or "ThreatChecker" feature and changing the policy settings, files checked for viruses by these features in the sandboxed environment can be permitted to be downloaded to the local environment. However, there is a vulnerability (CWE-693) in the products where malware detection is failed when data containing malware is saved in a specific file format (eml, dmg, vhd, iso, msi) in the sandboxed environment J's Communication Co., Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and J's Communication Co., Ltd. coordinated under the Information Security Early Warning Partnership.

OET-213H-BTS1 missing authorization check in the initial configuration

2024-02-29T14:59+09:00

OET-213H-BTS1 is a digital temperature measurement and face recognition terminal, developed by Zhejiang Uniview Technologies Co.,Ltd and provided by Atsumi Electric Co., Ltd. The initial configuration of the product is insecure (CWE-1188), it does not perform an authorization check when processing the API requests.

OpenPNE plugin "opTimelinePlugin" vulnerable to cross-site scripting

2024-02-29T13:12+09:00

OpenPNE plugin "opTimelinePlugin" provided by OpenPNE Project contains a stored cross-site scripting vulnerability (CWE-79) in Edit Profile page. Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in baserCMS

2024-02-27T14:25+09:00

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below.

Reflected cross-site scripting vulnerability in Site search Feature (CWE-79) - CVE-2023-44379
Stored cross-site scripting vulnerability in Content Management (CWE-79) - CVE-2024-26128
OS command injection vulnerability (CWE-78) - CVE-2023-51450

CVE-2023-44379 Yusuke Uchida of PERSOL CROSS TECHNOLOGY CO., LTD. (Not affiliated at the time of report submission) reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-26128 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-51450 Shunsuke Tanizaki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

ELECOM wireless LAN routers vulnerable to OS command injection

2024-08-28T17:09+09:00

Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

EL Injection Vulnerability in Hitachi Global Link Manager

2024-02-21T15:53+09:00

An EL Injection Vulnerability (CVE-2024-0715) exists in Hitachi Global Link Manager. Affected products and versions are listed below. Please upgrade your version to the appropriate version.

Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater

2024-03-26T14:10+09:00

Multiple wireless LAN routers and wireless LAN repeater provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below.

Cross-site Scripting (CWE-79) - CVE-2024-21798
Cross-Site Request Forgery (CWE-352) - CVE-2024-23910

CVE-2024-21798 Yamaguchi Kakeru of Fujitsu Limited reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-23910 Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Android App "Mopria Print Service" vulnerable to improper intent handling

2024-02-15T15:26+09:00

Android app "Mopria Print Service" provided by Mopria Alliance is vulnerable to improper intent handling (CWE-668). Johan Francsics reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

a-blog cms vulnerable to URL spoofing

2024-02-15T14:12+09:00

a-blog cms provided by appleple Inc. is a content management system (CMS). a-blog cms contains an URL spoofing vulnerability (CWE-451). Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple out-of-bounds write vulnerabilities in Canon Office/Small Office Multifunction Printers and Laser Printers

2024-03-08T18:05+09:00

Office/Small Office Multifunction Printers and Laser Printers provided by Canon Inc. contain multiple out-of-bounds write vulnerabilities (CWE-787, CVE-2023-6229, CVE-2023-6230, CVE-2023-6231, CVE-2023-6232, CVE-2023-6233, CVE-2023-6234, CVE-2024-0244). Canon Inc. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Sharp NEC Display Solutions' public displays vulnerable to local file inclusion

2024-07-11T14:27+09:00

Multiple public displays provided by Sharp NEC Display Solutions, Ltd. contain a local file inclusion vulnerability (CWE-22, CVE-2023-7077). Tunahan TEKEOĞLU of Senior Cyber Security Consultant reported this vulnerability to Sharp NEC Display Solutions, Ltd. and coordinated. Sharp NEC Display Solutions, Ltd. reported this case to JPCERT/CC to notify users of the solution through JVN.

Zeroshell vulnerable to OS command injection

2024-02-07T13:38+09:00

The web interface of Zeroshell, Linux distribution provided by Zeroshell.org, contains an OS command injection vulnerability (CWE-78). Hirukawa Norihiko of MYT Consulting Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple buffer overflow vulnerabilities in HOME SPOT CUBE2

2024-03-11T17:32+09:00

HOME SPOT CUBE2 provided by KDDI CORPORATION contains multiple vulnerabilities listed below. * Stack-based buffer overflow (CWE-121) - CVE-2024-21780 * Heap-based buffer overflow (CWE-122) - CVE-2024-23978 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Incorrect permission assignment vulnerability in Trend Micro uiAirSupport

2024-03-11T17:42+09:00

Trend Micro Incorporated has released a security update for Trend Micro uiAirSupport. Proof-of-concept code (PoC) for this vulnerability is available on the Internet. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

Cybozu KUNAI for Android vulnerable to denial-of-service (DoS)

2024-06-27T13:28+09:00

Cybozu KUNAI for Android is a client application for using Cybozu products from an Android device. Cybozu KUNAI for Android contains an issue allowing to send massive requests to the connected Cybozu product if a user performs certain operations on KUNAI, which may result in repeated session disconnections in a short period of time and preventing normal use of KUNAI (CWE-436). Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

File and Directory Permissions Vulnerability in Hitachi Tuning Manager

2024-02-05T14:54+09:00

A File and Directory Permissions Vulnerability (CVE-2023-6457) exists in Hitachi Tuning Manager.

Group Office vulnerable to cross-site scripting

2024-03-11T18:04+09:00

Group Office provided by Intermesh BV contains a stored cross-site scripting vulnerability (CWE-79). Yoichi Tsuzuki of FFRI Security, Inc. and Tsutomu Aramaki of Mitsui Bussan Secure Directions, Inc reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Payment EX vulnerable to information disclosure

2024-03-11T17:42+09:00

Payment EX provided by Simplesite contains an information disclosure vulnerability (CWE-200).

Multiple vulnerabilities in SHARP Energy Management Controller with Cloud Services

2024-01-31T16:01+09:00

Energy Management Controller with Cloud Services provided by SHARP CORPORATION contains multiple vulnerabilities listed below. * Improper authentication (CWE-287) - CVE-2024-23783 * Improper access control (CWE-284) - CVE-2024-23784 * Cross-site request forgery (CWE-352) - CVE-2024-23785 * Stored cross-site scripting (CWE-79) - CVE-2024-23786 * Path traversal (CWE-22) - CVE-2024-23787 * Server-side request forgery (CWE-918) - CVE-2024-23788 * OS command injection (CWE-78) - CVE-2024-23789 Shoji Baba of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

File and Directory Permissions Vulnerability in Hitachi Storage Plug-in for VMware vCenter

2024-03-11T17:41+09:00

A File and Directory Permissions Vulnerability exists in Hitachi Storage Plug-in for VMware vCenter. Affected products and versions are listed below. Please upgrade your version to the appropriate version.

ELECOM wireless LAN routers vulnerable to OS command injection

2024-08-28T17:12+09:00

Multiple ELECOM wireless LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Yamaha wireless LAN access point devices vulnerable to active debug code

2024-03-13T17:24+09:00

Active debug code (CWE-489) exists in wireless LAN access point devices provided by Yamaha Corporation. The debug function can be enabled by performing specific operations. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Oracle WebLogic Server vulnerable to HTTP header injection

2024-01-24T13:53+09:00

Oracle WebLogic Server provided by Oracle contains an HTTP header injection vulnerability (CWE-113). Professional Service Department of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

"Mercari" App for Android fails to restrict custom URL schemes properly

2024-03-04T18:01+09:00

"Mercari" App for Android by Mercari, Inc. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites. Shiga Takuma of BroadBand Security Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Improper restriction of XML external entity references (XXE) in MLIT "Electronic Delivery Check System" and "Electronic delivery item Inspection Support System"

2024-03-13T17:40+09:00

"Electronic Delivery Check System" and "Electronic delivery item Inspection Support System" provided by Ministry of Land, Infrastructure, Transport and Tourism, Japan improperly restricts XML external entity references (XXE) (CWE-611). Toyama Taku, Iwakawa Kento of NEC Corporation, and Manami Kawauchi of NEC Fielding,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Android App "Spoon" uses a hard-coded API key for an external service

2024-03-14T17:44+09:00

Android App "Spoon" provided by Spoon Radio Japan Inc. uses a hard-coded API key for an external service (CWE-798). Yoshihito Sakai of BroadBand Security, Inc reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Improper restriction of XML external entity references (XXE) in "Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version)"

2024-03-14T17:33+09:00

"Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version)" provided by Ministry of Agriculture, Forestry and Fisheries improperly restricts XML external entity references (XXE) (CWE-611). Iwakawa Kento and Toyama Taku of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Improper restriction of XML external entity references (XXE) in Electronic Deliverables Creation Support Tool provided by Ministry of Defense

2024-03-13T17:46+09:00

Electronic Deliverables Creation Support Tool provided by Ministry of Defense improperly restricts XML external entity references (XXE) (CWE-611). Toyama Taku of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Access analysis CGI An-Analyzer vulnerable to open redirect

2024-03-13T17:34+09:00

Access analysis CGI An-Analyzer provided by ANGLERSNET Co,.Ltd. contains an open redirect vulnerability (CWE-601). Tomoomi Iwata of Information-technology Promotion Agency, Japan reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in a-blog cms

2024-03-13T17:50+09:00

a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below.

Improper input validation (CWE-20) - CVE-2024-23180
Cross-site scripting (CWE-79) - CVE-2024-23181
Relative path traversal (CWE-23) - CVE-2024-23182
Cross-site scripting (CWE-79) - CVE-2024-23183
Improper input validation (CWE-20) - CVE-2024-23348
Cross-site scripting (CWE-79) - CVE-2024-23782

CVE-2024-23180 Naoya Miyaguchi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-23181 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-23182, CVE-2024-23183 Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-23348, CVE-2024-23782 Yuta Morioka of Information Science College reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

FusionPBX vulnerable to cross-site scripting

2024-03-12T17:31+09:00

FusionPBX contains a stored cross-site scripting vulnerability (CWE-79). Satoshi Horikoshi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple Dahua Technology products vulnerable to authentication bypass

2024-07-11T16:10+09:00

Multiple products provided by Dahua Technology contain an authentication bypass vulnerability (CWE-287). Mitsui Bussan Secure Directions, Inc. reported the vulnerability existed in "DHI-ASI7213Y-V3-T1" to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Drupal vulnerable to improper handling of structural elements

2024-03-12T17:33+09:00

Drupal provided by Drupal.org contains an improper handling of structural elements vulnerability (CWE-237). Shiga Takuma of BroadBand Security Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Pleasanter vulnerable to cross-site scripting

2024-01-15T15:59+09:00

Pleasanter provided by Implem Inc. contains a cross-site scripting vulnerability (CWE-79). Masamitsu Kushi of Operation Group, Communication Technology Department, Digital Innovation HQ at Mitsubishi Heavy Industries, Ltd. reported this vulnerability to Implem Inc. and coordinated. After the coordination was completed, Implem Inc. reported the case to IPA under the Information Security Early Warning Partnership to notify users of the solution through JVN.

Thermal camera TMC series vulnerable to insufficient technical documentation

2024-03-11T18:17+09:00

Thermal camera TMC series provided by THREE R SOLUTION CORP. JAPAN are vulnerable to insufficient technical documentation (CWE-1059). The related documentation does not describe the existence of the network interface, nor the internal storage for pictures and measurement data. Hiroyuki Harada of Sapporo Gakuin University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Improper input validation vulnerability in WordPress Plugin "WordPress Quiz Maker Plugin"

2024-03-14T12:28+09:00

WordPress Plugin "WordPress Quiz Maker Plugin" provided by AYS Pro Plugins contains an improper input validation vulnerability (CWE-20). Shogo Kumamaru of LAC CyberLink Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple TP-Link products vulnerable to OS command injection

2024-03-14T13:52+09:00

Multiple products provided by TP-LINK contain multiple vulnerabilities listed below. * OS command injection (CWE-78) - CVE-2024-21773 * OS command injection (CWE-78) - CVE-2024-21821 * OS command injection (CWE-78) - CVE-2024-21833 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in Panasonic Control FPWIN Pro7

2024-01-10T13:46+09:00

Control FPWIN Pro7 provided by Panasonic contains multiple vulnerabilities listed below. * Stack-based Buffer Overflow (CWE-121) - CVE-2023-6314 * Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) - CVE-2023-6315 Michael Heinzl reported these vulnerabilities to the developer and coordinated. After the coordination was completed, Panasonic reported the case to JPCERT/CC to notify users of the solutions through JVN.

Multiple vulnerabilities in PowerCMS

2024-03-18T17:58+09:00

PowerCMS provided by Alfasado Inc. contains multiple vulnerabilities listed below.

Stored cross-site scripting vulnerability in the management screen (CWE-79) - CVE-2023-49117
Open redirect vulnerability in the members' site (CWE-601) - CVE-2023-50297

Alfasado Inc. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. JPCERT/CC and Alfasado Inc. coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in BUFFALO VR-S1000

2024-03-19T17:56+09:00

VR-S1000 provided by BUFFALO INC. contains multiple vulnerabilities listed below.

OS command injection (CWE-78) - CVE-2023-45741
Argument injection (CWE-88) - CVE-2023-46681
Use of hard-coded cryptographic key (CWE-321) - CVE-2023-46711
Information disclosure (CWE-200) - CVE-2023-51363

CVE-2023-45741, CVE-2023-46681, CVE-2023-46711 Thomas J. Knudsen and Samy Younsi of NeroTeam Security Labs reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer. CVE-2023-51363 MASAHIRO IIDA of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Brother iPrint&Scan Desktop for Windows vulnerable to improper link resolution before file access

2024-03-18T18:05+09:00

iPrint&Scan Desktop for Windows provided by Brother Industries, Ltd. outputs logs to a certain log file. The affected version of the product does not check whether the log file is a normal file or a symbolic link to a certain file (CWE-59). Chris Au reported this vulnerability to Brother Industries, Ltd. and coordinated. Brother Industries, Ltd. and JPCERT/CC published respective advisories in order to notify users of this vulnerability.

WordPress plugin "MW WP Form" vulnerable to arbitrary file upload

2024-03-26T17:39+09:00

WordPress plugin "MW WP Form" provided by Web Consultation Office Co., Ltd can create a mail form using shortcode. MW WP Form contains a vulnerability that may allow an attacker to upload arbitrary files (CVE-2023-6316, CWE-434).

Multiple vulnerabilities in GROWI

2024-03-19T17:46+09:00

GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below.

Stored cross-site scripting vulnerability in the presentation feature (CWE-79) - CVE-2023-42436
Stored cross-site scripting vulnerability in the App Settings (/admin/app) page and the Markdown Settings (/admin/markdown) page (CWE-79) - CVE-2023-45737
Stored cross-site scripting vulnerability when processing profile images (CWE-79) - CVE-2023-45740
Cross-site request forgery vulnerability in the User settings (/me) page (CWE-352) - CVE-2023-46699
Stored cross-site scripting vulnerability exploiting a behavior of the XSS Filter (CWE-79) - CVE-2023-47215
Stored cross-site scripting vulnerability via the img tags (CWE-79) - CVE-2023-49119
Stored cross-site scripting vulnerability in the event handlers of the pre tags (CWE-79) - CVE-2023-49598
Stored cross-site scripting vulnerability in the anchor tag (CWE-79) - CVE-2023-49779
Stored cross-site scripting vulnerability when processing the MathJax (CWE-79) - CVE-2023-49807
Stored cross-site scripting vulnerability in the App Settings (/admin/app) page, the Markdown Settings (/admin/markdown) page, and the Customize (/admin/customize) page (CWE-79) - CVE-2023-50175
Cleartext storage of sensitive information vulnerability in the App Settings (/admin/app) page's Secret access key (CWE-312) - CVE-2023-50294
Improper authorization in the User Management (/admin/users) page (CWE-285) - CVE-2023-50332
Stored cross-site scripting vulnerability in the User Management (/admin/users) page (CWE-79) - CVE-2023-50339

CVE-2023-42436 Kakeru Kajihara of NTT-ME System Operation Center reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-45737 Naoki Takayama of University of Tsukuba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-45740 Kanta Nishitani of GMO Cybersecurity by Ierae Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-46699 Norihide Saito reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-47215, CVE-2023-49779 Naoya Miyaguchi of Kanmu, Inc reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-49119 Naoki Takayama of University of Tsukuba, Suguru Itagaki of NTT-ME System Operation Center, and Norihide Saito of Flatt Security inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-49598 Naoya Miyaguchi of Kanmu, Inc, SHO ODAGIRI of GMO Cybersecurity by Ierae Inc., Tsubasa Fujii (@reinforchu), Eiji Mori of Flatt Security Inc., Shiga Takuma of BroadBand Security Inc., and Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-49807 Naoya Miyaguchi of Kanmu, Inc and Naoki Takayama of University of Tsukuba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-50175 Norihide Saito of Flatt Security inc., Naoya Miyaguchi of Kanmu, Inc, and Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-50294, CVE-2023-50332, CVE-2023-50339 Norihide Saito of Flatt Security inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

ELECOM wireless LAN routers vulnerable to OS command injection

2024-04-18T17:22+09:00

Multiple ELECOM wireless LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability (CWE-78). Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple denial-of-service (DoS) vulnerabilities in JTEKT ELECTRONICS HMI GC-A2 series

2024-04-22T16:55+09:00

HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contains multiple denial-of-service (DoS) vulnerabilities listed below.

Denial-of-service (DoS) vulnerability in FTP service (CWE-400) - CVE-2023-41963
Denial-of-service (DoS) vulnerability in commplex-link service (CWE-400) - CVE-2023-49140
Denial-of-service (DoS) vulnerability in rfe service (CWE-400) - CVE-2023-49143
Denial-of-service (DoS) vulnerability in NetBIOS service (CWE-400) - CVE-2023-49713

JTEKT ELECTRONICS CORPORATION reported these vulnerabilities to IPA to notify users of the solution through JVN. JPCERT/CC and JTEKT ELECTRONICS CORPORATION coordinated under the Information Security Early Warning Partnership.

FXC wireless LAN routers "AE1021PE" and "AE1021" vulnerable to OS command injection Critical

2023-12-25T16:54+09:00

"AE1021PE" and "AE1021" provided by FXC Inc. are information outlet-based wireless LAN routers. "AE1021PE" and "AE1021" contain an OS command injection vulnerability (CWE-78). JPCERT/CC has confirmed the communication which exploits this vulnerability. Ryu Kuki, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. And almost at the same time, The Akamai SIRT reported this vulnerability to CISA. JPCERT/CC coordinated with the developer.

OS command injection vulnerability in DT900

2023-12-06T14:43+09:00

DT900 contains an OS command injection vulnerability. reported by Mr. Gianluca Altomani. for NEC-PSIRT

RakRak Document Plus vulnerable to path traversal

2024-01-24T12:06+09:00

RakRak Document Plus provided by Sumitomo Electric Information Systems Co., Ltd. contains a path traversal vulnerability (CWE-22). Asato Masamu of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Ruckus Access Point contains a cross-site scripting vulnerability.

2024-04-23T17:51+09:00

Ruckus Access Point provided by CommScope, Inc. contains a cross-site scripting vulnerability (CWE-79). MUNEHIRO SHIRATANI of AGEST,Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in LuxCal Web Calendar

2023-11-20T17:15+09:00

LuxCal Web Calendar provided by LuxSoft contains multiple vulnerabilities listed below.

SQL injection (CWE-89) - CVE-2023-46700
Cross-site scripting (CWE-79) - CVE-2023-47175

Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in EXPRESSCLUSTER X

2024-05-01T18:10+09:00

WebManager/Cluster WebUI of EXPRESSCLUSTER X provided by NEC Corporation contains multiple vulnerabilities listed below. * Missing authorization (CWE-862) - CVE-2023-39544 * Files or directories accessible to external parties (CWE-552) - CVE-2023-39545 * Use of password hash instead of password for authentication (CWE-836) - CVE-2023-39546 * Authentication bypass by Capture-replay (CWE-294) - CVE-2023-39547 * Unrestricted upload of file with dangerous type (CWE-434) - CVE-2023-39548

Multiple vulnerabilities in First Corporation's DVRs

2024-07-11T17:05+09:00

DVRs provided by First Co., Ltd. contain multiple vulnerabilities listed below. * Use of hard-coded password (CWE-259) - CVE-2023-47213 * Missing authentication for critical function (CWE-306) - CVE-2023-47674 Yoshiki Mori of National Institute of Information and Communications Technology Cybersecurity Research Institute reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Redmine vulnerable to cross-site scripting

2024-05-09T17:55+09:00

Redmine contains a cross-site scripting vulnerability (CWE-79) due to improper character string processing. Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in CubeCart

2024-04-30T18:15+09:00

CubeCart provided by CubeCart Limited contains multiple vulnerabilities listed below.

Cross-site request forgery (CWE-352) - CVE-2023-38130
Directory traversal (CWE-22) - CVE-2023-42428
Directory traversal (CWE-22) - CVE-2023-47283
OS command injection (CWE-78) - CVE-2023-47675

Gen Sato of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to the developer first, and to IPA later. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in ELECOM and LOGITEC routers

2024-04-26T15:22+09:00

Multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below. * OS Command Injection (CWE-78) - CVE-2023-43752 * Inadequate Encryption Strength (CWE-326) - CVE-2023-43757 CVE-2023-43752 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. CVE-2023-43757 Katsuhiko Sato(a.k.a. goroh_kun), Yuya Adachi and Ryo Kamino of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

ASUSTeK COMPUTER RT-AC87U vulnerable to improper access control

2024-04-30T18:08+09:00

RT-AC87U provided by ASUSTeK COMPUTER INC. contains an improper access control vulnerability (CWE-284). Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

OSS Calendar vulnerable to SQL injection

2024-05-01T17:38+09:00

OSS Calendar provided by Thinkingreed Inc. contains an SQL injection vulnerability (CWE-89). Shogo Iyota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple security updates for Trend Micro Apex One and Apex One as a Service (November 2023)

2024-03-13T17:28+09:00

Trend Micro Incorporated has released multiple security updates for Trend Micro Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Multiple vulnerabilities in Pleasanter

2024-04-22T17:56+09:00

Pleasanter provided by Implem Inc. contains multiple vulnerabilities listed below.

Stored cross-site scripting vulnerability (CWE-79) - CVE-2023-34439
Improper access control vulnerability (CWE-284) - CVE-2023-45210
Open redirect vulnerability (CWE-601) - CVE-2023-46688
Authentication bypass vulnerability by SAML (CWE-289) - CVE-2023-41890

CVE-2023-41890 This issue is caused by a vulnerability in Sustainsys.Saml2 library used in the product. CVE-2023-34439,CVE-2023-45210 Sato Nobuhiro of Suzuki Motor Corporation and You Okuma of LAC Co., Ltd. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-46688 Yoichi Tsuzuki of FFRI Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Implem Inc. reported to IPA that CVE-2023-41890 vulnerability still exists in the product. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in Cisco Firepower Management Center Software

2024-05-07T15:07+09:00

Cisco Firepower Management Center Software provided by Cisco Systems contains multiple vulnerabilities listed below.

OS command injection (CWE-78) - CVE-2023-20219
Path traversal (CWE-22) - CVE-2023-20220

Kentaro Kawane of LAC Co., Ltd. reported these vulnerabilitis to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Remarshal unlimitedly expanding YAML alias nodes

2024-05-08T17:53+09:00

Remarshal provided by Remarshal Project expands YAML alias nodes unlimitedly (CWE-674), hence Remarshal is vulnerable to Billion Laughs Attack. Taichi Kotake of Sterra Security Co.,Ltd. / Akatsuki Games Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

HOTELDRUID vulnerable to cross-site scripting

2024-05-01T17:47+09:00

HOTELDRUID provided by DigitalDruid.Net contains a cross-site scripting vulnerability (CWE-79). Tomoro Taniguchi of FiveDrive, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution

2024-05-09T17:17+09:00

EC-CUBE 3 series and 4 series provided by EC-CUBE CO.,LTD. contain an arbitrary code execution vulnerability (CWE-94) due to improper settings of the product's template engine "Twig". Takeshi Miura of N.F.Laboratories Inc. reported this vulnerability to EC-CUBE CO.,LTD. EC-CUBE CO.,LTD. Inc. reported this case to JPCERT/CC to notify users of its solution through JVN.

FUJIFILM Business Innovation Corp. and Xerox Corporation MFPs export Address Books with insufficient encryption strength

2024-05-07T15:25+09:00

Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. and Xerox Corporation provide a facility to export the contents of their Address Book with encrypted form, but the encryption strength is insufficient (CWE-1391). Kunal Thakrar and Ceri Coburn of Pen Test Partners directly reported this vulnerability to FUJIFILM Business Innovation Corp. FUJIFILM Business Innovation Corp. reported this case to JPCERT/CC to request the coordination with the reporter.

Improper restriction of XML external entity references (XXE) in e-Tax software

2024-05-01T18:41+09:00

e-Tax software provided by National Tax Agency improperly restricts XML external entity references (XXE) (CWE-611) due to the configuration of the embedded XML parser. Toyama Taku of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer

2023-11-02T12:14+09:00

Multiple vulnerabilities have been found in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer.

MCL Technologies MCL-Net vulnerable to directory traversal

2023-11-01T16:49+09:00

Server software "MCL-Net" provided by MCL Technologies contains a directory traversal vulnerability (CWE-22, CVE-2023-4990). Panasonic reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Cybozu Remote Service vulnerable to uncontrolled resource consumption

2024-05-07T15:51+09:00

Cybozu Remote Service provided by Cybozu, Inc. is vulnerable to uncontrolled resource consumption (CWE-400). Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

Inkdrop vulnerable to code injection

2024-05-07T16:09+09:00

Inkdrop provided by Takuya Matsuyama is a Markdown editor. Inkdrop contains a code injection vulnerability (CWE-94). T.Nodoka reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL

2024-05-20T17:49+09:00

Multiple Windows kernel drivers provided by Advanced Micro Devices Inc. are vulnerable to insufficient access control on its IOCTL (CWE-782, CVE-2023-20598). Takahiro Haruyama of VMware reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in baserCMS

2024-05-07T15:59+09:00

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below.

Stored cross-site scripting vulnerability (CWE-79) - CVE-2023-29009
Reflected cross-site scripting vulnerability (CWE-79) - CVE-2023-43647
Directory traversal vulnerability (CWE-22) - CVE-2023-43648
Cross-site request forgery vulnerability (CWE-352) - CVE-2023-43649
Arbitrary file upload vulnerability (CWE-434) - CVE-2023-43792

CVE-2023-29009 Kyohei Ota reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-43647, CVE-2023-43648, CVE-2023-43649, CVE-2023-43792 Shiga Takuma of BroadBand Security, Inc reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Movable Type vulnerable to cross-site scripting

2024-05-10T17:47+09:00

Movable Type provided by Six Apart Ltd. contains a cross-site scripting vulnerability (CWE-79). Six Apart Ltd. reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN. JPCERT/CC and Six Apart Ltd. coordinated under the Information Security Early Warning Partnership.

Improper restriction of XML external entity reference (XXE) vulnerability in OMRON CX-Designer

2024-05-10T17:47+09:00

CX-Designer provided by OMRON Corporation contains an improper restriction of XML external entity reference (XXE) vulnerability (CWE-611). Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

HP ThinUpdate vulnerable to improper server certificate verification

2023-10-23T14:26+09:00

HP ThinUpdate provided by HP Development Company, L.P. is vulnerable to improper server certificate verification (CWE-295). Narumi Hirai of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in JustSystems products

2024-05-16T16:44+09:00

Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below. * Use after free (CWE-416) - CVE-2023-34366 * Integer overflow (CWE-190) - CVE-2023-38127 * Access of resource using incompatible type (Type confusion) (CWE-843) - CVE-2023-38128 * Improper validation of array index (CWE-129) - CVE-2023-35126 Cisco Talos Security Intelligence & Research Group reported these vulnerabilities to JustSystems Corporation and coordinated. JustSystems Corporation and JPCERT/CC published respective advisories in order to notify users of the solution through JVN.

Improper restriction of XML external entity references (XXE) in Proself

2024-05-15T17:08+09:00

Proself provided by North Grid Corporation improperly restricts XML external entity references (XXE) (CWE-611). The developer states that attacks exploiting this vulnerability have been observed. North Grid Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and North Grid Corporation coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in JTEKT ELECTRONICS OnSinView2

2024-05-16T17:28+09:00

OnSinView2 provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. * Improper restriction of operations within the bounds of a memory buffer (CWE-119) - CVE-2023-42506 * Stack-based buffer overflow (CWE-121) - CVE-2023-42507 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Scanning evasion issue in Cisco Secure Email Gateway

2023-10-27T15:52+09:00

Cisco Secure Email Gateway provides anti-virus scanning facility for e-mail attachments. It was reported that a certain crafted file can evade anti-virus scanning facility. This issue was found by Takahiro Ohtani and Michael Joshua Telloyan in the Bug Bounty program at the University of Electro-Communications. They then reported it to IPA, and JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

web2py vulnerable to OS command injection

2024-05-22T17:58+09:00

web2py web application framework contains an OS command injection vulnerability (CWE-78). Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Out-of-bounds read vulnerability in Keyence KV STUDIO and KV REPLAY VIEWER

2024-05-16T17:09+09:00

KV STUDIO and KV REPLAY VIEWER provided by KEYENCE CORPORATION contain an out-of-bounds read vulnerability (CWE-125, CVE-2023-42138). Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

e-Gov Client Application fails to restrict custom URL schemes properly

2024-05-17T17:55+09:00

e-Gov Client Application is installed, a Custom URL Scheme is configured on the system to enable invoking the product through a web browser. This custom URL contains the information about the website which the product should access, and a crafted URL may direct the application to access an unexpected website (CWE-939). Toyama Taku of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Information Exposure Vulnerability in Hitachi Ops Center Administrator

2024-05-22T15:20+09:00

A vulnerability (CVE-2023-3335) exists in Hitachi Ops Center Administrator.

DoS Vulnerability in Hitachi Ops Center Common Services

2024-05-22T15:31+09:00

A DoS vulnerability (CVE-2023-3967) exists in Hitachi Ops Center Common Services.

File and Directory Permissions Vulnerability in JP1/Performance Management

2023-10-04T15:23+09:00

A File and Directory Permissions Vulnerability (CVE-2023-3440) exists in JP1/Performance Management.

Citadel WebCit vulnerable to cross-site scripting on Instant Messaging facility

2024-05-21T17:08+09:00

Citadel WebCit provided by Citadel contains a cross-site scripting vulnerability (CWE-79). Tomoro Taniguchi of FiveDrive, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in multiple FURUNO SYSTEMS wireless LAN access point devices in ST(Standalone) mode

2024-05-22T18:01+09:00

Wireless LAN access point devices provided by FURUNO SYSTEMS Co.,Ltd., running in ST(Standalone) mode, contain multiple vulnerabilities listed below. * OS Command Injection (CWE-78) - CVE-2023-39222 * Cross-site Scripting (CWE-79) - CVE-2023-39429 * Cross-Site Request Forgery (CWE-352) - CVE-2023-41086 * Authentication Bypass (CWE-288) - CVE-2023-42771 * Path traversal (CWE-22) - CVE-2023-43627 Katsuhiko Sato(a.k.a. goroh_kun) of 00One, Inc. reported OS Command Injection vulnerability (CVE-2023-39222) to JPCERT/CC. JPCERT/CC coordinated with the developer. As a result of the developer's investigation into this report, other vulnerabilities were newly discovered and addressed. The developer reported these vulnerabilities to notify users of the solution through JVN. JPCERT/CC coordinated with the developer for the publication.

Improper restriction of XML external entity references (XXE) in FD Application

2024-05-22T15:37+09:00

FD Application provided by Ministry of Health, Labour and Welfare improperly restricts XML external entity references (XXE) (CWE-611). Toyama Taku and Sakaki Ryutaro of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Panasonic KW Watcher

2023-09-27T14:44+09:00

KW Watcher provided by Panasonic contains multiple vulnerabilities listed below. * Improper restriction of operations within the bounds of a memory buffer (CWE-119) - CVE-2023-3471 * Use after free (CWE-416) - CVE-2023-3472 Michael Heinzl reported these vulnerabilities to Panasonic and coordinated. After the coordination was completed, Panasonic reported the case to JPCERT/CC to notify users of the solutions through JVN.

Shihonkanri Plus vulnerable to relative path traversal

2024-05-21T17:16+09:00

Shihonkanri Plus provided by EKAKIN contains a relative path traversal vulnerability (CWE-23). Shimizu Yutaro of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Trend Micro Mobile Security vulnerable to cross-site scripting

2024-03-13T18:07+09:00

Trend Micro Incorporated has released a security update for Trend Micro Mobile Security. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"

2024-07-11T16:49+09:00

WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains multiple vulnerabilities listed below. * Unrestricted Upload of File with Dangerous Type (CWE-434) - CVE-2023-40219 * Path Traversal (CWE-22) - CVE-2023-40532 * Cross-site Scripting in registration process of Item List page (CWE-79) - CVE-2023-41233 * Cross-site Scripting in Credit Card Payment Setup page (CWE-79) - CVE-2023-41962 * Cross-site Scripting in Item List page (CWE-79) - CVE-2023-43484 * SQL Injection in Item List page (CWE-89) - CVE-2023-43493 * SQL Injection in Order Data Edit page (CWE-89) - CVE-2023-43610 * Cross-site Scripting in Order Data Edit page (CWE-79) - CVE-2023-43614 CVE-2023-40219 Akihiro Hashimoto reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-40532, CVE-2023-41233, CVE-2023-41962, CVE-2023-43484, CVE-2023-43493, CVE-2023-43610, CVE-2023-43614 Shogo Kumamaru of LAC CyberLink Co., Ltd. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution

2024-05-09T18:22+09:00

Trend Micro Endpoint security products for enterprises provided by Trend Micro Incorporated contain an arbitrary code execution vulnerability (CWE-94, CVE-2023-41179) in 3rd Party AV Uninstaller Module. Trend Micro Incorporated states that an attack exploiting this vulnerability has been observed. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software

2023-09-13T15:02+09:00

Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. * Double free (CWE-415) - CVE-2023-41374 * Use-after-free (CWE-416) - CVE-2023-41375 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Pyramid vulnerable to directory traversal

2024-05-16T16:52+09:00

Pyramid provided by Pylons Project contains a directory traversal vulnerability. Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Vulnerability in JP1/VERITAS

2023-09-06T15:35+09:00

A vulnerability (VTS23-011) exists in JP1/VERITAS.

"direct" Desktop App for macOS fails to restrict access permissions

2023-09-06T14:33+09:00

"direct" Desktop App for macOS provided by L is B Corp. fails to restrict access permissions (CWE-284). The access control mechanism provided by macOS "TCC (Transparency Consent and Control)" may be bypassed. Koh M. Nakagawa of FFRI Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in F-RevoCRM

2024-05-14T18:06+09:00

F-RevoCRM provided by ThinkingReed inc. contains multiple vulnerabilities listed below. * OS Command Injection (CWE-78) - CVE-2023-41149 * Cross-site scripting vulnerability (CWE-79) - CVE-2023-41150 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in CGIs of PMailServer and PMailServer2

2023-09-05T14:55+09:00

CGIs included with PMailServer and PMailServer2 provided by A.K.I Software contain multiple vulnerabilities listed below. * Stored cross-site scripting vulnerability (CWE-79) - CVE-2023-39223 * Insufficient verification vulnerability in Broadcast Mail CGI (pmc.exe) (CWE-434) - CVE-2023-39933 * Directory traversal vulnerability in Mailing List Search CGI (pmmls.exe) (CWE-22) - CVE-2023-40160 * Directory traversal vulnerability in Internal Simple Webserver (CWE-22) - CVE-2023-40747 CVE-2023-39223, CVE-2023-39933, CVE-2023-40160 Shuji Shimizu of VeriServe Corporation reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-40747 Shunta Nakanishi of VeriServe Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in SHIRASAGI

2024-05-14T17:58+09:00

SHIRASAGI provided by SHIRASAGI Project contains multiple vulnerabilities listed below. * Reflected cross-site scripting (CWE-79) - CVE-2023-36492 * Stored cross-site scripting (CWE-79) - CVE-2023-38569 * Path traversal (CWE-22) - CVE-2023-39448 CVE-2023-36492, CVE-2023-38569 Taiga Shirakura of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-39448 Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in i-PRO VI Web Client

2024-05-14T18:05+09:00

VI Web Client provided by i-PRO Co., Ltd. is Video Insight's video management software. VI Web Client contains multiple vulnerabilities listed below.

Open Redirect (CWE-601) - CVE-2023-38574
Reflected Cross-site Scripting (CWE-79) - CVE-2023-39938
View Stored Cross-site Scripting in View setting page (CWE-79) - CVE-2023-40535
Stored Cross-site Scripting in Map setting page (CWE-79) - CVE-2023-40705

Michael Heinzl reported these vulnerabilities to i-PRO Co., Ltd. and coordinated with them. After the coordination was completed, the developer reported this case to IPA to notify users of the solution through JVN. JPCERT/CC coordinated with the developer for the publication.

Phoenix Technologies Windows kernel driver vulnerable to insufficient access control on its IOCTL

2024-04-24T11:43+09:00

Some of the Windows kernel drivers provided by Phoenix Technologies Inc. is vulnerable to insufficient access control on its IOCTL (CWE-782, CVE-2023-35841). Takahiro Haruyama of VMware reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Vulnerability in HiRDB

2023-09-06T15:45+09:00

A Vulnerability (CVE-2023-1995) exists in HiRDB.

SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS)

2024-05-15T17:12+09:00

Mailform Pro CGI provided by SYNCK GRAPHICA contains a Regular expression Denial-of-Service (ReDoS) vulnerability (CWE-1333, CVE-2023-40599). This vulnerability is a similar issue as CVE-2023-32610 published on JVN on June 20, 2023, and was newly discovered in several Add-ons listed above. Tran Quang Vu of FPT Software reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

"Skylark" App fails to restrict custom URL schemes properly

2024-05-15T17:19+09:00

"Skylark" App provided by SKYLARK HOLDINGS CO., LTD. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites. Shunsuke Kaneko of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Rakuten WiFi Pocket vulnerable to improper authentication

2024-03-27T13:43+09:00

Rakuten WiFi Pocket provided by Rakuten Mobile, Inc. is a mobile router. Management Screen of Rakuten WiFi Pocket contains an improper authentication vulnerability (CWE-287). Sato Nobuhiro of Suzuki Motor Corporation and You Okuma of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Panasonic Control FPWIN Pro7

2024-04-18T17:31+09:00

Control FPWIN Pro7 provided by Panasonic contains multiple vulnerabilities listed below. * Stack-based Buffer Overflow (CWE-121) - CVE-2023-28728 * Access of Resource Using Incompatible Type (CWE-843) - CVE-2023-28729 * Improper Restriction of Operations within the Bounds of a Memory Buffer Michael Heinzl first contacted JPCERT/CC, and JPCERT/CC advised him to contact Panasonic directly. Afterwards, he reported these vulnerabilities to Panasonic and coordinated with them. Panasonic and JPCERT/CC published respective advisories in order to notify users of these vulnerabilities.

Multiple vulnerabilities in CBC digital video recorders

2024-04-10T17:39+09:00

Digital video recorders provided by CBC Co.,Ltd. contain multiple vulnerabilities listed below. * Improper authentication (CWE-287) - CVE-2023-38585 * OS command injection (CWE-78) - CVE-2023-40144 * Hidden functionality (CWE-912) - CVE-2023-40158 Yoshiki Mori, Ushimaru Hayato, Hiromu Kubiura and Masaki Kubo of National Institute of Information and Communications Technology Cybersecurity Research Institute reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting

2024-03-25T17:55+09:00

WordPress Plugin "Advanced Custom Fields" provided by WP Engine contains a cross-site scripting vulnerability (CWE-79). Ryotaro Imamura of SB Technology Corp. and Satoo Nakano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in LuxCal Web Calendar

2024-03-26T17:09+09:00

LuxCal Web Calendar provided by LuxSoft contains multiple vulnerabilities listed below. * Cross-site scripting (CWE-79) - CVE-2023-39543 * SQL injection (CWE-89) - CVE-2023-39939 Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Proself

2024-03-28T17:43+09:00

Proself provided by North Grid Corporation is an online storage server software. Proself contains multiple vulnerabilities listed below.

Improper authentication (CWE-287) - CVE-2023-39415
OS command injection (CWE-78) - CVE-2023-39416

The developer states that attacks exploiting these vulnerabilities have been observed. North Grid Corporation reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. JPCERT/CC and North Grid Corporation coordinated under the Information Security Early Warning Partnership.

EC-CUBE 2 series vulnerable to cross-site scripting

2024-03-25T18:07+09:00

EC-CUBE 2 series provided by EC-CUBE CO.,LTD. contains a cross-site scripting vulnerability (CWE-79) in "mail/template" and "products/product" of Management page. Shimamine Taihei of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to EC-CUBE CO.,LTD. and EC-CUBE CO.,LTD. reported it to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in ELECOM and LOGITEC network devices

2024-08-29T09:39+09:00

Multiple network devices provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below. * Hidden Functionality (CWE-912) - CVE-2023-32626, CVE-2023-35991, CVE-2023-39445 * Telnet service access restriction failure (CWE-284) - CVE-2023-38132 * Hidden Functionality (CWE-912) - CVE-2023-38576 * Buffer overflow (CWE-120) - CVE-2023-39454 * OS Command Injection (CWE-78) - CVE-2023-39455, CVE-2023-40072 * OS Command Injection (CWE-78) - CVE-2023-39944, CVE-2023-40069 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple server-side request forgery vulnerabilities in Trend Micro Apex Central (July 2023)

2024-03-13T17:58+09:00

Trend Micro Apex Central is vulnerable to multiple server-side request forgeries. Trend Micro Incorporated has released Patch 5 (build 6481) for Trend Micro Apex Central. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

"Rikunabi NEXT" App for Android fails to restrict custom URL schemes properly

2024-03-28T18:01+09:00

"Rikunabi NEXT" App for Android provided by Recruit Co., Ltd. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites. Nao Komatsu of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

"FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly

2024-03-28T17:54+09:00

"FFRI yarai" and "FFRI yarai Home and Business Edition" provided by FFRI Security, Inc. handle exceptional conditions improperly (CWE-703). When the product's Windows Defender management feature is enabled, and Microsoft Defender detects some files matching specific conditions as a threat, the affected product may fail to handle this situation properly and stop working. FFRI Security, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and FFRI Security, Inc. coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in Special Interest Group Network for Analysis and Liaison's API

2024-03-28T18:08+09:00

Special Interest Group Network for Analysis and Liaison's "Inter-SOC Cooperation API" provided by Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) contains multiple vulnerabilities listed below. * Improper Authorization in Information Provision function (CWE-285) - CVE-2023-38751 * Improper Authorization in Information Provision and Group Message functions (CWE-285) - CVE-2023-38752 yusuke negishi of JPCERT/CC Platform Service Group reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Fujitsu Software Infrastructure Manager (ISM) stores sensitive information in cleartext

2024-04-03T17:19+09:00

Fujitsu Software Infrastructure Manager (ISM) V2.8.0.060, provided by Fujitsu Limited, stores the password for the proxy server in cleartext form to the product's maintenance data (ismsnap) (CWE-312) under the following conditions.

Using a proxy server that requires authentication in the connection from ISM to internet
The user ID and/or the password for the proxy server contain "\" (backslash) character
The product's firmware download function is enabled (*)

Fujitsu Limited reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Fujitsu Limited coordinated under the Information Security Early Warning Partnership.

OMRON CJ series and CS/CJ Series EtherNet/IT unit vulnerable to Denial-of-Service (DoS)

2023-08-03T13:45+09:00

Denial-of-service (DoS) vulnerability due to improper validation of specified type of input (CWE-1287) issue exists in the built-in EtherNet/IP port of the CJ Series CJ2 CPU unit and the communication function of the CS/CJ Series EtherNet/IP unit provided by OMRON Corporation. OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in OMRON CX-Programmer

2024-04-05T17:39+09:00

CX-Programmer provided by OMRON Corporation contains multiple vulnerabilities listed below. * Out-of-bounds read (CWE-125) - CVE-2023-38746 * Heap-based buffer overflow (CWE-122) - CVE-2023-38747 * Use after free (CWE-416) - CVE-2023-38748 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

SEIKO EPSON printer Web Config vulnerable to denial-of-service (DoS)

2024-04-19T17:27+09:00

SEIKO EPSON printer Web Config contains a denial-of-service (DoS) vulnerability due to improper input validation (CWE-20). SEIKO EPSON CORPORATION reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and SEIKO EPSON CORPORATION coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in Command Center RX (CCRX) of Kyocera Document Solutions MFPs and printers

2024-05-07T18:15+09:00

Command Center RX (CCRX), a web interface for MFPs and printers provided by KYOCERA Document Solutions Inc., contains multiple vulnerabilities listed below. * Path traversal (CWE-22) - CVE-2023-34259 * Path traversal (CWE-22) - CVE-2023-34260 * Observable response discrepancy (CWE-204) - CVE-2023-34261 Stefan Michlits of SEC Consult reported these vulnerabilities to KYOCERA Document Solutions Inc. and coordinated. KYOCERA Document Solutions Inc. and JPCERT/CC published respective advisories in order to notify users of this vulnerability.

Fujitsu network devices Si-R series and SR-M series vulnerable to authentication bypass

2024-04-19T18:07+09:00

The web management interface of Fujitsu network devices Si-R series and SR-M series contains an authentication bypass vulnerability (CWE-287,CVE-2023-38555). Katsuhiko Sato (a.k.a. goroh_kun) of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Fujitsu Real-time Video Transmission Gear "IP series" uses a hard-coded credentials

2024-04-12T18:04+09:00

Real-time Video Transmission Gear "IP series" provided by Fujitsu Limited uses a hard-coded credentials (CWE-798) . The product's credentials for factory testing may be obtained by reverse engineering and others. Fujitsu Limited reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Fujitsu Limited coordinated under the Information Security Early Warning Partnership.

Improper restriction of XML external entity references (XXE) in Applicant Programme

2024-04-22T14:20+09:00

Applicant Programme provided by The Ministry of Justice improperly restricts XML external entity references (XXE) (CWE-611). Toyama Taku and Sakaki Ryutaro of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

GBrowse vulnerable to unrestricted upload of files with dangerous types

2024-04-12T17:31+09:00

GBrowse provided by Generic Model Organism Database Project is a web-based genome browser. GBrowse allows the users to upload their own data in several file formats (see "GBrowse User Uploads"). The affected versions of GBrowse accept files with any formats uploaded (CWE-434), and place them in the area accessible through unauthenticated web requests. The reporter states that attacks exploiting this vulnerability have been observed. Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in WordPress Plugin "TS Webfonts for SAKURA"

2024-04-17T17:20+09:00

WordPress Plugin "TS Webfonts for SAKURA" provided by SAKURA internet Inc. contains multiple vulnerabilities listed below. * Cross-site scripting (CWE-79) - CVE-2023-32624 * Cross-site request forgery (CWE-352) - CVE-2023-32625 SAKURA internet Inc. reported these vulnerabilities to IPA to notify users of the solutions through JVN. JPCERT/CC and SAKURA internet Inc. coordinated under the Information Security Early Warning Partnership.

Multiple Vulnerabilities in Hitachi Device Manager

2023-07-19T14:48+09:00

Multiple vulnerabilities have been found in Hitachi Device Manager.

File and Directory Permissions Vulnerability in Hitachi Command Suite

2024-04-26T12:29+09:00

A File and Directory Permissions Vulnerability (CVE-2020-36695) exists in Hitachi Command Suite.

EL Injection Vulnerability in Hitachi Replication Manager

2024-04-26T12:24+09:00

An EL Injection Vulnerability (CVE-2022-4146) exists in Hitachi Replication Manager.

Improper restriction of XML external entity references (XXE) in XBRL data create application

2024-03-19T18:11+09:00

XBRL data create application provided by Financial Services Agency improperly restricts XML external entity references (XXE) (CWE-611). Taku Toyama of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in ELECOM and LOGITEC wireless LAN routers

2024-04-22T16:18+09:00

Multiple wireless LAN routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below. * Command Injection on the web management page (CWE-77) - CVE-2023-37566, CVE-2023-37568 * Command Injection on a certain port of the web management page (CWE-77) - CVE-2023-37567 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in multiple ELECOM wireless LAN routers and wireless LAN repeaters

2024-03-29T15:28+09:00

Wireless LAN routers and wireless LAN repeaters provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. * Cross-site Scripting (CWE-79) - CVE-2023-37560 * Open Redirect (CWE-601) - CVE-2023-37561 * Cross-Site Request Forgery (CWE-352) - CVE-2023-37562 * Information disclosure (CWE-200) - CVE-2023-37563 * OS Command Injection (CWE-78) - CVE-2023-37564 * Code Injection (CWE-94) - CVE-2023-37565 CVE-2023-37560 Yamaguchi Kakeru reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-37561, CVE-2023-37562 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-37563 Shu Yoshikoshi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC during the same period, and JPCERT/CC coordinated with the developer. CVE-2023-37564 Shu Yoshikoshi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-37565 MASAHIRO IIDA and SHUTA IDE of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in SoftEther VPN and PacketiX VPN

2024-05-22T17:47+09:00

SoftEther VPN provided by University of Tsukuba SoftEther VPN Project and PacketiX VPN provided by SoftEther Corporation contain multiple vulnerabilities listed below in VPN Client function, and Dynamic DNS Client function included in the VPN server.

Heap-based buffer overflow (CWE-122) - CVE-2023-27395
Integer overflow or wraparound (CWE-190) - CVE-2023-22325
Exposure of resource to wrong sphere (CWE-668) - CVE-2023-32275
Improper access control (CWE-284) - CVE-2023-27516
Channel accessible by non-endpoint (CWE-300) - CVE-2023-32634
Use of uninitialized resource (CWE-908) - CVE-2023-31192

Lilith of Cisco Talos of Cisco Systems, Inc., United States of America reported these vulnerabilities to the developer and coordinated. The developer reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

"NewsPicks" App uses a hard-coded API key for an external service

2024-04-30T18:09+09:00

"NewsPicks" App for Android and "NewsPicks" App for iOS provided by NewsPicks, Inc. use a hard-coded API key for an external service (CWE-798). Sunagawa Masanori of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Null pointer dereference vulnerability in multiple printers and MFPs which implement BROTHER debut web server

2024-04-22T16:07+09:00

Multiple printers and MFPs (multifunction printers) which implement Brother debut web server contain a null pointer dereference vulnerability (CWE-476, CVE-2023-29984). Darren Johnson directly reported this vulnerability to BROTHER INDUSTRIES, LTD. and FUJIFILM Business Innovation Corp., and both vendors reported this case to JPCERT/CC to request the coordination between the reporter and the susceptible multiple vendors.

WordPress Plugin "Snow Monkey Forms" vulnerable to directory traversal

2024-04-26T17:56+09:00

WordPress Plugin "Snow Monkey Forms" provided by Monkey Wrench Inc. contains a directory traversal vulnerability (CWE-22). Shinsaku Nomura of Bitforest Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in WAVLINK WL-WN531AX2

2023-06-27T16:50+09:00

WL-WN531AX2 provided by WAVLINK contains multiple vulnerabilities listed below. * Client-side enforcement of server-side security (CWE-602) - CVE-2023-32612 * Exposure of resource to wrong sphere (CWE-668) - CVE-2023-32613 * Improper authentication (CWE-287) - CVE-2023-32620 * Unrestricted upload of file with dangerous type (CWE-434) - CVE-2023-32621 * Improper neutralization of special elements (CWE-138) - CVE-2023-32622 Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Aterm series

2024-05-22T18:16+09:00

Aterm series provided by NEC Corporation contain multiple vulnerabilities listed below. * Directory traversal (CWE-22) - CVE-2023-3330 * Directory traversal (CWE-22) - CVE-2023-3331 * Stored cross-site scripting (CWE-79) - CVE-2023-3332 * OS command injection (CWE-78) - CVE-2023-3333 Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Pleasanter

2024-05-07T14:10+09:00

Pleasanter provided by Implem Inc. contains multiple vulnerabilities listed below. * Stored cross-site scripting vulnerability (CWE-79) - CVE-2023-32607 * Directory traversal vulnerability (CWE-22) - CVE-2023-32608 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to Implem Inc. and Implem Inc. reported them to IPA. JPCERT/CC and Implem Inc. coordinated under the Information Security Early Warning Partnership.

SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS)

2024-04-26T18:03+09:00

Mailform Pro CGI provided by SYNCK GRAPHICA contains a Regular expression Denial-of-Service (ReDoS) vulnerability (CWE-1333). Tran Quang Vu of FPT Software reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Panasonic AiSEG2

2023-06-16T14:05+09:00

Panasonic AiSEG2 contains multiple vulnerabilities listed below. * OS Command Injection (CWE-78) - CVE-2023-28726 * Improper Authentication (CWE-287) - CVE-2023-28727 Taku Toyama of NEC Corporation reported CVE-2023-28726 and CVE-2023-28727 vulnerabilities to Panasonic and coordinated. Panasonic and JPCERT/CC published respective advisories in order to notify users of the vulnerabilities. Yota Egusa of SAKURA internet Inc. reported CVE-2023-28727 vulnerability to IPA. JPCERT/CC coordinated with Panasonic under Information Security Early Warning Partnership.

Printer Driver Packager NX creates driver installation packages without modification detection

2024-05-23T15:45+09:00

Printer Driver Packager NX provided by Ricoh Company, Ltd. is a tool to create driver installation packages. A driver installation package is used to install and configure printer drivers on the target PCs. The installation and configuration of printer drivers require an administrative privilege, and a created driver installation package can bundle administrative credentials in encrypted form enabling non-administrative users to install printer drivers without administrator's help. The driver installation package, created by the affected version of Printer Driver Packager NX, fails to detect its modification (CWE-345) and may spawn an unexpected process with the administrative privilege. Ricoh Company, Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Security updates for multiple Trend Micro products for enterprises (June 2023)

2024-05-23T15:23+09:00

Trend Micro Incorporated has released security updates for multiple Trend Micro products for enterprises. For more details, refer to the information provided by the developer. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Chatwork Desktop Application (Mac) vulnerable to code injection

2024-05-24T16:02+09:00

Chatwork Desktop Application (Mac) provided by Chatwork Co., Ltd. contains a code injection vulnerability (CWE-94). Koh M. Nakagawa of FFRI Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

"WPS Office" vulnerable to OS command injection

2024-04-18T17:49+09:00

"WPS Office" which was provided by KINGSOFT JAPAN, INC. contains an OS command injection vulnerability (CWE-78).

ASUS Router RT-AX3000 vulnerable to using sensitive cookies without 'Secure' attribute

2024-04-18T17:44+09:00

ASUS Router RT-AX3000 provided by ASUSTeK COMPUTER INC. uses sensitive cookies without 'Secure' attribute (CWE-614). Shungo Kumasaka of GMO Cyber Security by IERAE reported this vulnerability to the developer and JPCERT/CC published respective advisories in order to notify users of this vulnerability.

Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT

2024-05-27T16:38+09:00

Wi-Fi AP UNIT provided by Inaba Denki Sangyo Co., Ltd. contains multiple vulnerabilities listed below.

Missing authentication for critical function (CWE-306) - CVE-2023-31196
OS command injection (CWE-78) - CVE-2023-31198
OS command injection (CWE-78) - CVE-2023-28392

MASAHIRO IIDA of LAC Co., Ltd. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Fuji Electric products

2024-05-23T15:33+09:00

Multiple vulnerabilities listed below exist in the simulator module and the remote monitoring software 'V-Server Lite' and 'V-Server' contained in the graphic editor 'V-SFT', and the remote monitoring software 'TELLUS' and 'TELLUS Lite' provided by FUJI ELECTRIC CO., LTD. * Stack-based buffer overflow in V-Serve, V-Server Lite (CWE-121) - CVE-2023-31239 * Stack-based buffer overflow in TELLUS, TELLUS Lite (CWE-121) - CVE-2023-32538, CVE-2023-32273, CVE-2023-32201 * Out-of-bounds read in TELLUS, TELLUS Lite (CWE-125) - CVE-2023-32288 * Stack-based buffer overflow in TELLUS, TELLUS Lite (CWE-121) - CVE-2023-32276 * Access of memory location after end of buffer in TELLUS, TELLUS Lite (CWE-788) - CVE-2023-32270 * Out-of-bounds read in TELLUS, TELLUS Lite (CWE-125) - CVE-2023-32542 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in KbDevice digital video recorders

2024-05-24T15:57+09:00

Multiple digital video recorders provided by KbDevice,Inc. contain multiple vulnerabilities listed below. * Improper authentication (CWE-287) - CVE-2023-30762 * OS command injection (CWE-78) - CVE-2023-30764 * Hidden functionality (CWE-912) - CVE-2023-30766 Yoshiki Mori, Ushimaru Hayato, Hiromu Kubiura and Masaki Kubo of National Institute of Information and Communications Technology Cybersecurity Research Institute reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in FUJI ELECTRIC FRENIC RHC Loader

2024-04-18T17:40+09:00

FRENIC RHC Loader provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below. * Stack-based buffer overflow (CWE-121) - CVE-2023-29160 * Out-of-bounds read (CWE-125) - CVE-2023-29167 * Improper restriction of XML external entity reference (CWE-611) - CVE-2023-29498 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

"Jiyu Kukan Toku-Toku coupon" App vulnerable to improper server certificate verification

2024-05-23T17:19+09:00

"Jiyu Kukan Toku-Toku coupon" App provided by RUNSYSTEM CO.,LTD. is vulnerable to improper server certificate verification (CWE-295). Ryo Nihonyanagi of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)

2024-03-19T18:13+09:00

CONPROSYS HMI System (CHS) provided by Contec Co., Ltd. contains multiple vulnerabilities listed below. * Plaintext storage of a password (CWE-256) - CVE-2023-28713 * Incorrect permission assignment for critical resource (CWE-732) - CVE-2023-28399 * Improper access control (CWE-284) - CVE-2023-28657 * Cross-site scripting (CWE-79) - CVE-2023-28651 * Server-side request forgery (CWE-918)- CVE-2023-28824 * SQL injection (CWE-89) - CVE-2023-29154 * Improper control of interaction frequency (CWE-799) - CVE-2023-2758 Michael Heinzl reported the vulnerabilities listed below to JPCERT/CC, and JPCERT/CC coordinated with the developer. CVE-2023-28713, CVE-2023-28399, CVE-2023-28657, CVE-2023-28651, CVE-2023-28824, CVE-2023-29154 Tenable, Inc. reported CVE-2023-2758 vulnerability to the developer, and based on the coordination request made by the developer, JPCERT/CC coordinated with Tenable, Inc. and the developer.

DataSpider Servista uses a hard-coded cryptographic key

2024-03-19T17:44+09:00

DataSpider Servista provided by SAISON INFORMATION SYSTEMS CO.,LTD. is a data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and ScriptRunner for Amazon SQS, which is common to all users (CWE-321). Sato Nobuhiro of Suzuki Motor Corporation and You Okuma of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Pleasanter vulnerable to cross-site scripting

2024-03-19T18:17+09:00

Pleasanter provided by Implem Inc. contains a cross-site scripting vulnerability (CWE-79). Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to Implem Inc. and Implem Inc. reported it to IPA. JPCERT/CC and Implem Inc. coordinated under the Information Security Early Warning Partnership.

Starlette vulnerable to directory traversal

2024-03-19T18:08+09:00

Starlette provided by Encode contains a directory traversal vulnerability (CWE-22). Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

ESS REC Agent Server Edition for Linux etc. vulnerable to directory traversal

2024-03-21T17:15+09:00

ESS REC Agent Server Edition for Linux etc. provided by Encourage Technologies Co.,Ltd. contain a directory traversal vulnerability (CWE-23). Hayato Ushimaru of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Wacom Tablet Driver installer for macOS vulnerable to improper link resolution before file access

2023-05-25T13:40+09:00

Wacom Tablet Driver installer for macOS provided by Wacom contains an improper link resolution before file access vulnerability (CWE-59). Koh M. Nakagawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Cross-site Scripting Vulnerability in Hitachi Ops Center Analyzer

2024-05-24T17:01+09:00

A Cross-site Scripting Vulnerability exists in Hitachi Ops Center Analyzer.

Tornado vulnerable to open redirect

2024-03-21T17:05+09:00

Tornado provided by tornadoweb contains a vulnerability that triggers open redirect (CWE-601) under certain non-default configurations. Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Android App "Brother iPrint&Scan" vulnerable to improper access control

2023-05-19T15:40+09:00

Android App "Brother iPrint&Scan" provided by BROTHER INDUSTRIES, LTD. contains an improper access control vulnerability (CWE-284, CVE-2023-28369). Johan Francsics reported this vulnerability to BROTHER INDUSTRIES, LTD. and coordinated. After the coordination, BROTHER INDUSTRIES, LTD. reported this case to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in T&D and ESPEC MIC data logger products

2024-05-23T17:03+09:00

Multiple data logger products provided by T&D Corporation and ESPEC MIC CORP. contain multiple vulnerabilities listed below. * Client-side enforcement of server-side security (CWE-602) - CVE-2023-22654 * Improper authentication (CWE-287) - CVE-2023-27388 * Missing authentication for critical function (CWE-306) - CVE-2023-23545 * Cross-site request forgery (CWE-352) - CVE-2023-27387 CVE-2023-22654 Takaya Noma, Tomoya Inazawa, Yudai Morii, Junnosuke Kushibiki, Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-27388 Tomoya Inazawa, Takaya Noma, Yudai Morii, Junnosuke Kushibiki, Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-23545 Yudai Morii, Takaya Noma, Tomoya Inazawa, Junnosuke Kushibiki, Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-27387 Junnosuke Kushibiki, Takaya Noma, Tomoya Inazawa, Yudai Morii, Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Qrio Smart Lock Q-SL2 vulnerable to authentication bypass by capture-replay

2024-05-23T17:18+09:00

Qrio Smart Lock Q-SL2 provided by Qrio, inc. contains an authentication bypass by capture-replay vulnerability (CWE-294). Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

OS command injection vulnerability in Inaba Denki Sangyo Wi-Fi AP UNIT

2023-05-17T15:09+09:00

Wi-Fi AP UNIT provided by Inaba Denki Sangyo Co., Ltd. contains an OS command injection vulnerability (CWE-78). Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in Cybozu Garoon

2024-05-24T15:26+09:00

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. * [CyVDB-3122] Denial-of-service (DoS) in Message (CWE-400) - CVE-2023-26595 * [CyVDB-3142] Operation restriction bypass vulnerability in Message and Bulletin (CWE-285) - CVE-2023-27304 * [CyVDB-3165] Operation restriction bypass vulnerability in MultiReport (CWE-284) - CVE-2023-27384 CVE-2023-27384 Yuji Tounai reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. CVE-2023-26595, CVE-2023-27304 Cybozu, Inc. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Multiple vulnerabilities in WordPress Plugin "MW WP Form" and "Snow Monkey Forms"

2024-05-29T16:27+09:00

WordPress Plugin "MW WP Form" and "Snow Monkey Forms" provided by Monkey Wrench Inc. contain multiple vulnerabilities listed below. * Directory traversal (CWE-22) - CVE-2023-28408 * Unrestricted upload of file with dangerous type (CWE-434) - CVE-2023-28409 * Directory traversal (CWE-22) - CVE-2023-28413 CVE-2023-28408 Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-28409 Shuya Ota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-28413 Monkey Wrench Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Beekeeper Studio vulnerable to code injection

2024-05-24T16:17+09:00

Beekeeper Studio provided by Beekeeper Studio, Inc. contains a code injection vulnerability (CWE-74). Eiji Mori of Flatt Security Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in MicroEngine Mailform

2024-05-24T17:07+09:00

MicroEngine Mailform provided by MicroEngine Inc. contains multiple vulnerabilities listed below.

Unrestricted upload of file with dangerous type (CWE-434) - CVE-2023-27397
Path traversal (CWE-22) - CVE-2023-27507

Yuji Tounai of Mitsui Bussan Secure Directions, Inc. and hibiki moriyama of STNet, Incorporated reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in SolarView Compact

2024-06-27T13:30+09:00

SolarView Compact provided by CONTEC CO.,LTD. contains multiple vulnerabilities listed below. * Use of hard-coded credentials (CWE-798) - CVE-2023-27512 * OS command injection in the download page (CWE-78) - CVE-2023-27514 * Buffer overflow in the multiple setting pages (CWE-120) - CVE-2023-27518 * OS command injection in the mail setting page (CWE-78) - CVE-2023-27521 * Improper access control in the system date/time setting page (CWE-284) - CVE-2023-27920 CVE-2023-27512, CVE-2023-27514, CVE-2023-27518, CVE-2023-27521 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer. CVE-2023-27920 CONTEC CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solutions through JVN.

WordPress Plugin "VK Blocks" and "VK All in One Expansion Unit" vulnerable to cross-site scripting

2024-05-24T17:05+09:00

WordPress Plugin "VK Blocks" and "VK All in One Expansion Unit" provided by Vektor,Inc. contain multiple cross-site scripting vulnerabilities (CWE-79) listed below.

Cross-site scripting vulnerability in Tag edit function - CVE-2023-27923
Cross-site scripting vulnerability in Post function - CVE-2023-27925
Cross-site scripting vulnerability in Profile setting function - CVE-2023-27926
Cross-site scripting vulnerability in CTA post function - CVE-2023-28367

apple502j reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WordPress Plugin "Newsletter" vulnerable to cross-site scripting

2024-06-13T16:14+09:00

WordPress Plugin "Newsletter" provided by Stefano Lissa & The Newsletter Team contains a cross-site scripting vulnerability (CWE-79). Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to the developer and coordinated. JPCERT/CC published respective advisories in order to notify users of this vulnerability.

SR-7100VN vulnerable to privilege escalation

2024-05-24T16:13+09:00

SR-7100VN provided by ICOM INCORPORATED contains a privilege escalation vulnerability (CWE-268). HAMANO Kiyoto of SOUM Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

LINE WORKS Drive Explorer vulnerable to code injection

2024-05-23T17:03+09:00

LINE WORKS Drive Explorer provided by WORKS MOBILE Japan Corp. contains a code injection vulnerability (CWE-94). Koh M. Nakagawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

JINS MEME CORE uses a hard-coded cryptographic key

2024-06-13T16:19+09:00

JINS MEME CORE provided by JINS Inc. is a nose pad type sensor attached to a glass frame. JINS MEME CORE uses a hard-coded cryptographic key (CWE-321). MASAHIRO IIDA of LAC Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Heap-based buffer overflow vulnerability in OMRON CX-Drive

2024-05-27T18:11+09:00

CX-Drive provided by OMRON Corporation contains a heap-based buffer overflow vulnerability (CWE-122, CVE-2023-27385). Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" vulnerable to cross-site scripting

2024-05-28T16:59+09:00

WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" provided by TMS contains a cross-site scripting vulnerability (CWE-79). Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to the developer and coordinated. The developer and JPCERT/CC published respective advisories in order to notify users of this vulnerability.

Improper restriction of XML external entity references (XXE) in Shinseiyo Sogo Soft

2024-05-29T16:58+09:00

Shinseiyo Sogo Soft provided by The Ministry of Justice improperly restricts XML external entity references (XXE) (CWE-611). Taku Toyama of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WordPress plugin "LIQUID SPEECH BALLOON" vulnerable to cross-site request forgery

2024-05-28T16:56+09:00

WordPress plugin "LIQUID SPEECH BALLOON" provided by LIQUID DESIGN Ltd. contains a cross-site request forgery vulnerability (CWE-352). Ryo Sato of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass

2024-05-30T15:11+09:00

EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" provided by NE Inc. contains an authentication bypass vulnerability (CWE-287). TSUKADA Nobuhisa of Seasoft reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Security Issues in FINS protocol

2024-05-23T17:35+09:00

FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of Omron products. FINS commands enable to read/write information, conduct various operations and set the configuration on FINS-compliant devices. The supported FINS commands vary depending on the products. * I/O memory area read/write * Parameter area read/write * Program area read/write * Manage operation mode * System configuration read * CPU unit status read * Time information access * Message read/delete * Manage access privileges * Read fault history report, etc. * File operation * Forced set/reset FINS message consists of "FINS header", "FINS command code" and "parameter". When receiving a FINS command message, the entity conducts the operation corresponding to the "FINS command code", and sends the result as a response message to the destinations listed in "FINS header" of the command message. FINS protocol is designed with the assumptions that the network is closed inside the device, the production lines, or within the factory, and does not provide any encryption, data verification, nor authentication functions. Recent security researches show multiple issues on FINS protocol, under the conditions which FINS protocol does not consider, e.g., a FINS network is connected to other outside networks, FINS network can be physically accessed, etc. The following issues on FINS protocol have been reported: 1. Plaintext communication Encrypted communication is not defined in FINS protocol. FINS messages are transmitted unencrypted and the contents can be seen easily when intercepted. Also alterations of FINS messages cannot be detected. * Clear-text Transmission of Sensitive Information (CWE-319) * Insufficient Verification of Data Authenticity (CWE-345) 2. No authentication required Authentication is not defined in FINS protocol. Attacks from malicious devices cannot be detected. * Authentication Bypass by Spoofing (CWE-290) * Authentication Bypass by Capture-replay (CWE-294) * Missing Authentication for Critical Function (CWE-306) * Insufficient Verification of Data Authenticity (CWE-345) * Uncontrolled Resource Consumption (CWE-400) * Unrestricted Externally Accessible Lock(CWE-412) * Improper Control of Interaction Frequency (CWE-799) This document is written by Omron and JPCERT/CC.

Joruri Gw vulnerable to cross-site scripting

2024-05-30T16:19+09:00

Joruri Gw provided by SiteBridge Inc. is groupware. Message Memo function of Joruri Gw contains a cross-site scripting vulnerability (CWE-79). Tsutomu Aramaki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

API server of TONE Family vulnerable to authentication bypass using an alternate path

2023-04-17T14:04+09:00

API server of TONE Family provided by DREAM TRAIN INTERNET INC. contains an authentication bypass vulnerability using an alternate path (CWE-288). Kodai Karakawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

JB Inquiry form vulnerable to exposure of private personal information to an unauthorized actor

2024-05-29T16:44+09:00

JB Inquiry form provided by Jubei Inc. contains an exposure of private personal information to an unauthorized actor vulnerability (CWE-359). Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Trend Micro Security may insecurely load Dynamic Link Libraries

2024-04-26T17:48+09:00

Trend Micro Security provided by Trend Micro Incorporated contains an insecure DLL loading issue (CWE-427). While the affected version of Trend Micro Security is installed and a malicious DLL is placed in a directory where some application executable resides, invoking the application executable may result in Trend Micro Security loading the malicious DLL. Rintaro Fujita of Nippon Telegraph and Telephone Corporation, Hiroki Hada of NTT Security (Japan) KK and Hiroki Mashiko of NTT DATA Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple mobile printing apps for Android vulnerable to improper intent handling

2024-05-30T15:48+09:00

Multiple mobile printing apps for Android are vulnerable to improper intent handling (CWE-668). Johan Francsics reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Vulnerability in JP1/VERITAS

2023-04-12T15:01+09:00

A vulnerability (VTS23-003) exists in JP1/VERITAS.

Yokogawa Electric CENTUM series vulnerable to cleartext storage of sensitive information

2024-05-29T18:23+09:00

CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information (CWE-312, CVE-2023-26593). Yokogawa Electric Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Multiple vulnerabilities in JustSystems products

2024-05-29T17:32+09:00

Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below.

Use After Free (CWE-416) - CVE-2022-43664
Heap-based Buffer Overflow (CWE-122) - CVE-2022-45115
Free of Memory not on the Heap (CWE-590) - CVE-2023-22291
Heap-based Buffer Overflow (CWE-122) - CVE-2023-22660

Cisco Talos Security Intelligence & Research Group reported these vulnerabilities to JustSystems Corporation and coordinated. JustSystems Corporation and JPCERT/CC published respective advisories in order to notify users of the solutions through JVN.

Improper restriction of XML external entity references (XXE) in National land numerical information data conversion tool

2024-06-04T15:56+09:00

National land numerical information data conversion tool provided by MLIT improperly restricts XML external entity references (XXE) (CWE-611). Taku Toyama and Kohei Matsumoto of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

JTEKT ELECTRONIC Screen Creator Advance 2 vulnerable to improper restriction of operations within the bounds of a memory buffer

2024-06-04T17:15+09:00

Screen Creator Advance 2 provided by JTEKT ELECTRONICS CORPORATION is vulnerable to improper restriction of operations within the bounds of a memory buffer (CWE-119) due to improper check of its data size when processing a project file. Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

CONPROSYS HMI System(CHS) vulnerable to SQL injection

2023-04-03T16:19+09:00

CONPROSYS HMI System(CHS) provided by Contec Co., Ltd. contains an SQL injection vulnerability (CWE-89, CVE-2023-1658). Tenable Network Security reported this vulnerability to the developer. JPCERT/CC coordinated with the reporter and the developer.

Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210

2024-05-27T17:08+09:00

SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210 provided by Seiko Solutions Inc. contain multiple vulnerabilities listed below.

Exposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2016-2183
Command injection (CWE-77) - CVE-2022-36556
Unrestricted upload of file with dangerous type (CWE-434) - CVE-2022-36557
Use of hard-coded credentials (CWE-798) - CVE-2022-36558
Command injection (CWE-77) - CVE-2022-36559
Use of hard-coded credentials (CWE-798) - CVE-2022-36560
Improper privilege management (CWE-269) - CVE-2023-22361
Missing authentication for critical function (CWE-306) - CVE-2023-22441
Improper access control (CWE-284) - CVE-2023-23578
Improper following of a certificate's chain of trust (CWE-296) - CVE-2023-23901
Missing authentication for critical function (CWE-306) - CVE-2023-23906
Cleartext storage of sensitive information (CWE-312) - CVE-2023-24586
Cleartext transmission of sensitive information (CWE-319) - CVE-2023-25070
Use of weak credentials (CWE-1391) - CVE-2023-25072
Use of weak credentials (CWE-1391) - CVE-2023-25184

The developer states that attacks exploiting CVE-2022-36556 have been observed. CVE-2023-22441 MASAHIRO IIDA of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2016-2183, CVE-2022-36556, CVE-2022-36557, CVE-2022-36558, CVE-2022-36559, CVE-2022-36560, CVE-2023-22361, CVE-2023-23578, CVE-2023-23901, CVE-2023-23906, CVE-2023-24586, CVE-2023-25070, CVE-2023-25072, CVE-2023-25184 Thomas J. Knudsen and Samy Younsi of NeroTeam Security Labs reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

HAProxy vulnerable to HTTP request/response smuggling

2024-06-04T16:17+09:00

HAProxy's HTTP/3 implementation fails to block a malformed HTTP header field name, and when deployed in front of a server that incorrectly process this malformed header, it may be used to conduct an HTTP request/response smuggling attack (CWE-444). Yuki Mogi of FFRI Security, Inc. reported this vulnerability to the developer and coordinated. The developer and JPCERT/CC published this advisory in order to notify users of this vulnerability.

baserCMS vulnerable to arbitrary file uploads

2024-06-06T17:31+09:00

baserCMS provided by baserCMS Users Community allows an authenticated user to upload arbitrary files (CWE-434). Taisei Inoue of GMO Cybersecurity by Ierae, Inc. and Yusuke Akagi of Mitsui Bussan Secure Directions, Inc., Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

ELECOM WAB-MAT registers its windows service executable with an unquoted file path

2024-06-03T17:36+09:00

WAB-MAT provided by ELECOM CO.,LTD. is Access Point Management Tool for corporate users. WAB-MAT registers its windows service executable with an unquoted file path (CWE-428). Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Contec CONPROSYS IoT Gateway products

2024-06-04T17:00+09:00

CONPROSYS IoT Gateway products provided by Contec CO.,LTD. contain multiple vulnerabilities listed below. * OS Command Injection (CWE-78) - CVE-2023-27917 Network Maintenance page validates input values improperly, resulting in OS command injection. * Inadequate Encryption Strength (CWE-326) - CVE-2023-27389 Firmware update file contains a firmware image encrypted, which can be decrypted by examining the bundled install script and a little more work. * Improper Access Control (CWE-284) - CVE-2023-23575 Network Maintenance page should be available only to administrative users, but the device fails to restrict access.

TP-Link T2600G-28SQ uses vulnerable SSH host keys

2024-06-04T16:58+09:00

TP-Link layer-2 switch T2600G-28SQ uses vulnerable SSH host keys (CWE-1391). Kuniyuki Hasegawa of VeriServe Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Android App "Wolt Delivery: Food and more" uses a hard-coded API key for an external service

2024-06-03T17:15+09:00

Android App "Wolt Delivery: Food and more" provided by Wolt uses a hard-coded API key for an external service (CWE-798). Naoya Kurosawa of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Buffalo network devices

2024-06-04T16:42+09:00

Multiple network devices provided by BUFFALO INC. contain multiple vulnerabilities listed below. * Use of hard-coded credentials (CWE-798) - CVE-2023-26588 * Improper access control (CWE-284) - CVE-2023-24544 * Stored cross-site scripting (CWE-79) - CVE-2023-24464

Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config

2024-06-03T17:36+09:00

Web Config for printers/network interface provided by SEIKO EPSON CORPORATION contains multiple vulnerabilities listed below.

Stored cross-site Scripting (CWE-79) - CVE-2023-23572

Cross-Site Request Forgery (CWE-352) - CVE-2023-27520 Takaya Noma, Yudai Morii, Hiroki Yasui, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software

2024-06-07T16:39+09:00

Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. * Out-of-bounds read (CWE-125) - CVE-2023-22419, CVE-2023-22421 * Use-after-free (CWE-416) - CVE-2023-22424 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in PostgreSQL extension module pg_ivm

2024-06-10T16:41+09:00

pg_ivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pg_ivm contains multiple vulnerabilities listed below.

Exposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2023-22847 An Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to.

Uncontrolled search path element (CWE-427) - CVE-2023-23554 When refreshing an IMMV, pg_ivm executes functions without specifying schema names. Under certain conditions, pg_ivm may be tricked to execute unexpected functions from other schemas with the IMMV owner's privilege.

IVM Development Group reported these vulnerabilities to IPA to notify users of its solution through JVN. JPCERT/CC and IVM Development Group coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in Trend Micro Maximum Security

2024-06-13T17:06+09:00

Trend Micro Incorporated has released security updates for Trend Micro Maximum Security. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2024-06-07T16:59+09:00

Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center

2024-06-11T16:42+09:00

A File and Directory Permissions Vulnerability (CVE-2020-36652) exists in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center.

Multiple vulnerabilities in SS1 and Rakuraku PC Cloud

2024-06-06T18:02+09:00

SS1 is asset management software and Rakuraku PC Cloud is cloud-based asset management service. SS1 and Rakuraku PC Cloud Agent contain multiple vulnerabilities listed below.

Improper Access Control (CWE-284) - CVE-2023-22335
Path Traversal (CWE-22) - CVE-2023-22336
Use of Hard-coded Credentials (CWE-798) - CVE-2023-22344

Denis Faiustov, and Ruslan Sayfiev of GMO Cyber Security by IERAE reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple cross-site scripting vulnerabilities in EC-CUBE

2024-06-10T17:28+09:00

EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple cross-site scripting vulnerabilities listed below. * Cross-site scripting vulnerability in Contents Management (CWE-79) - CVE-2023-22438 * Cross-site scripting vulnerability in Authentication Key Settings (CWE-79) - CVE-2023-25077 * Cross-site scripting vulnerability in Product List Screen and Product Detail Screen (CWE-79) - CVE-2023-22838 CVE-2023-22438 Gaku Mochizuki, Taiga Shirakura of Mitsui Bussan Secure Directions, Inc. and Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-25077 Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to EC-CUBE CO.,LTD. and EC-CUBE CO.,LTD. Inc. reported it to JPCERT/CC to notify users of its solution through JVN. CVE-2023-22838 Rei TAKAHASHI of Hashiura Lab., Dept. of Data Science, Nippon Institute of Technology reported this vulnerability to EC-CUBE CO.,LTD. and EC-CUBE CO.,LTD. reported it to JPCERT/CC to notify users of its solution through JVN.

web2py development tool vulnerable to open redirect

2024-06-07T16:31+09:00

The admin development tool included in the web2py source code contains an open redirect vulnerability (CWE-601). According to the developer, they do not recommend using the tool in operational environment or disclosing it on the Internet. Takuto Yoshikai of Aeye Security Lab reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple cross-site scripting vulnerabilities in SHIRASAGI

2024-06-10T17:18+09:00

SHIRASAGI provided by SHIRASAGI Project contains multiple vulnerabilities listed below. * Stored cross-site scripting vulnerability on Schedule function (CWE-79) - CVE-2023-22425 * Stored cross-site scripting vulnerability on Theme switching function (CWE-79) - CVE-2023-22427 CVE-2023-22425 Ren Toda of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2023-22427 SHIRASAGI Project reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

The installers of ELECOM Camera Assistant and QuickFileDealer may insecurely load Dynamic Link Libraries

2023-02-14T17:00+09:00

The installers of ELECOM Camera Assistant and QuickFileDealer provided by ELECOM CO.,LTD. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Improper restriction of XML external entity reference (XXE) vulnerability in tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools

2024-06-12T11:15+09:00

tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools provided by FUJITSU LIMITED contain an improper restriction of XML external entity reference (XXE) vulnerability (CWE-611). Toyama Taku and Sakaki Ryutaro of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in PLANEX COMMUNICATIONS Network Camera CS-WMV02G

2024-06-12T17:03+09:00

Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G provided by PLANEX COMMUNICATIONS INC. contains multiple vulnerabilities listed below.

Stored cross-site scripting (CWE-79) - CVE-2023-22370
Cross-site request forgery (CWE-352) - CVE-2023-22375
Reflected cross-site scripting (CWE-79) - CVE-2023-22376

Zuken Elmic KASAGO uses insufficient random values for TCP Initial Sequence Numbers

2024-06-14T15:45+09:00

Zuken Elmic KASAGO, TCP/IP protocol stack for embedded systems, uses its own random number generator function when generating TCP initial sequence numbers, which leads to use insufficient random values (CWE-330). Zuken Elmic reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

NEC PC Settings Tool vulnerable to missing authentication for critical function

2024-06-10T18:13+09:00

PC Settings Tool is an application pre-installed on computers provided by NEC by default. PC Settings Tool Library contained in the application is vulnerable to missing authentication for critical function (CWE-306). Haruki Yadani of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in JTEKT ELECTRONICS Screen Creator Advance 2

2024-06-10T17:25+09:00

Screen Creator Advance 2 provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. * Out-of-bound write (CWE-787) - CVE-2023-22345 * Out-of-bound read (CWE-125) - CVE-2023-22346, CVE-2023-22347, CVE-2023-22349, CVE-2023-22350, CVE-2023-22353 * Use-after-free (CWE-416) - CVE-2023-22360 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Ichiran App vulnerable to improper server certificate verification

2024-06-12T14:25+09:00

Ichiran App developed by Betrend Corporation and provided by ICHIRAN INC. is vulnerable to improper server certificate verification (CWE-295). Ryo Nihonyanagi of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Vulnerability in Driver Distributor where passwords are stored in a recoverable format

2024-06-12T11:07+09:00

Driver Distributor provided by FUJIFILM Business Innovation Corp. contains a vulnerability where passwords are stored in a recoverable format (CWE-257). Sato Ryo, Yokoi Hiroshi, and Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

SUSHIRO App for Android outputs sensitive information to the log file

2024-06-11T17:35+09:00

SUSHIRO App for Android provided by AKINDO SUSHIRO CO., LTD. outputs sensitive information to the log file (CWE-532).

Improper restriction of XML external entity reference (XXE) vulnerability in OMRON CX-Motion Pro

2023-01-25T14:28+09:00

CX-Motion Pro provided by OMRON Corporation contains an improper restriction of XML external entity reference (XXE) vulnerability (CWE-611). Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

EasyMail vulnerable to cross-site scripting

2023-01-24T16:00+09:00

EasyMail provided by First Net Japan Inc. contains a stored cross-site scripting vulnerability (CWE-79). Toyama Taku reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

pgAdmin 4 vulnerable to directory traversal

2024-06-05T16:22+09:00

PostgreSQL management tool pgAdmin 4 contains a directory traversal vulnerability (CWE-22). Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Contec CONPROSYS HMI System (CHS) vulnerable to multiple SQL injections

2023-01-24T13:38+09:00

CONPROSYS HMI System (CHS) provided by CONTEC CO.,LTD. contains multiple SQL injection vulnerabilities (CWE-89). Mosin from ELEX FEIGONG RESEARCH INSTITUTE of Elex CyberSecurity, Inc., reported these vulnerabilities to Contec Co., Ltd. Contec Co., Ltd. reported the issues to JPCERT/CC in order to notify the solutions to the users through JVN.

Pgpool-II vulnerable to information disclosure

2024-06-20T17:54+09:00

Pgpool-II is cluster management tool. Pgpool-II contains an information disclosure vulnerability (CWE-200) in its watchdog function. Note that, only systems that meet all of the following setting requirements are affected by this vulnerability.

Watchdog function is enabled (use_watchdog = on)
"query mode" is used for the alive monitoring of watchdog (wd_lifecheck_method = 'query')
Plain text password is set for wd_lifecheck_password

PgPool Global Development Group reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and PgPool Global Development Group coordinated under the Information Security Early Warning Partnership.

File and Directory Permissions Vulnerability in Hitachi Tuning Manager

2023-01-18T13:51+09:00

A File and Directory Permissions Vulnerability (CVE-2020-36611) exists in Hitachi Tuning Manager.

WordPress plugin "Welcart e-Commerce" vulnerable to directory traversal

2023-01-17T14:17+09:00

WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a directory traversal vulnerability (CWE-22). Masato Ikeda of Mitsui Bussan Secure Directions, Inc. and Takeshi Suzuki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Active debug code vulnerability in OMRON CP1L-EL20DR-D

2023-01-12T15:53+09:00

Active debug code (CWE-489) exists in CP1L-EL20DR-D provided by OMRON Corporation, which may lead to a command that is not specified in FINS protocol being executed without authentication. Georgy Kiguradze of Positive Technologies reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Access of uninitialized pointer vulnerability in OMRON CX-Motion-MCH

2023-01-12T15:06+09:00

CX-Motion-MCH provided by OMRON Corporation contains an access of uninitialized pointer vulnerability (CWE-824, CVE-2023-22366). Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in PIXELA PIX-RT100

2023-01-12T14:50+09:00

PIX-RT100 provided by PIXELA CORPORATION contains multiple vulnerabilities listed below.

OS command injection (CWE-78) - CVE-2023-22304
Backdoor access issue (CWE-912) - CVE-2023-22316

MASAHIRO IIDA of LAC Co.,Ltd. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

OpenAM Web Policy Agent (OpenAM Consortium Edition) vulnerable to path traversal

2023-01-11T17:07+09:00

OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerability (CWE-22). Furthermore, a crafted URL may be evaluated incorrectly. OpenAM Consortium reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and OpenAM Consortium coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in MAHO-PBX NetDevancer series

2023-01-11T16:11+09:00

There are multiple vulnerabilities in the Management screen of MAHO-PBX NetDevancer series provided by Mahoroba Kobo, Inc. OS Command Injection (CWE-78) - CVE-2023-22279 OS Command Injection (CWE-78) - CVE-2023-22280 Cross-Site Request Forgery (CWE-352) - CVE-2023-22286 Reflected Cross-site Scripting (CWE-79) - CVE-2023-22296 Masamu Asato of GMO Cyber Security by IERAE reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

TP-Link SG105PE vulnerable to authentication bypass

2023-01-11T15:04+09:00

TP-Link SG105PE contains an authentication bypass vulnerability (CWE-287). Baba Takao of BPS Co., Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

pgAdmin 4 vulnerable to open redirect

2023-01-11T14:23+09:00

pgAdmin 4 provided by pgAdmin Project contains an open redirect vulnerability (CWE-601). SHIGA TAKUMA of BroadBand Security, Inc. and Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Digital Arts m-FILTER vulnerable to improper authentication

2023-01-06T14:57+09:00

m-FILTER provided by Digital Arts Inc. is an emaill security product. m-FILTER contains an improper authentication vulnerability (CWE-287) when emails are being sent under certain conditions, and unintended emails may be sent by a remote attacker. Digital Arts Inc. states that attacks exploiting this vulnerability have been observed. Digital Arts Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Digital Arts Inc. coordinated under the Information Security Early Warning Partnership.

Multiple code injection vulnerabilities in ruby-git

2023-01-05T15:51+09:00

ruby-git is a Ruby library that can be used to create, read and operate Git repositories. ruby-git contains multiple code injection vulnerabilities (CWE-94). Yuki Kokubun of DeNA Co., Ltd. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Fuji Electric V-Server

2023-01-04T14:21+09:00

V-Server provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below. * Stack-based Buffer ovewflow (CWE-121) - CVE-2022-47908 * Out-of-bounds Read (CWE-125) - CVE-2022-41645 * Out-of-bounds Write (CWE-787) - CVE-2022-47317 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in Fuji Electric V-SFT and TELLUS

2023-01-04T14:16+09:00

V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. contain multiple vulnerabilities listed below. * Out-of-bounds Read (CWE-125) - CVE-2022-46360 * Out-of-bounds Write (CWE-787) - CVE-2022-43448 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2024-05-30T17:47+09:00

Installers generated by Squirrel.Windows may insecurely load Dynamic Link Libraries

2022-12-21T14:23+09:00

Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Koh You Liang of Sompo Holdings, Inc. reported this vulnerability to the developer first, and to IPA later. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

+Message App improper handling of Unicode control characters

2022-12-21T14:13+09:00

+Message App displays text unprocessed, even when control characters are contained, and the text is shown based on Unicode control character's specifications. Therefore, a crafted text may display misleading web links (CWE-451). Akaki Tsunoda reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Use-after-free vulnerability in Omron CX-Drive

2022-12-20T15:32+09:00

CX-Drive provided by Omron Corporation contains a use-after-free vulnerability (CWE-416). Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Command injection vulnerability in SHARP Multifunctional Products (MFP)

2022-12-20T12:12+09:00

SHARP Multifunctional Products (MFP) contain a command injection vulnerability (CWE-77, CVE-2022-45796). The OS layer is affected beyond the web application component, however treating the web application component as separate from the OS layer, 'Scope' is analyzed as 'S:C'. Sharp reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Corel Roxio Creator LJB starts a program with an unquoted file path

2022-12-19T13:47+09:00

Roxio Creator LJB provided by Corel Corporation starts another program with an unquoted file path (CWE-428). Haruka Hino of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Zenphoto vulnerable to cross-site scripting

2022-12-19T13:39+09:00

Zenphoto contains a stored cross-site scripting vulnerability (CWE-79). Terada Yu of Fujitsu System Integration Laboratories reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)

2023-01-11T16:55+09:00

CONPROSYS HMI System (CHS) provided by Contec Co., Ltd. contains multiple vulnerabilities listed below. * OS Command Injection (CWE-78) - CVE-2022-44456 * Use of Default Credentials (CWE-1392) - CVE-2023-22331 * Use of Password Hash Instead of Password for Authentication (CWE-836) - CVE-2023-22334 * Cross-site Scripting (CWE-79) - CVE-2023-22373 * Improper Access Control (CWE-284) - CVE-2023-22339 Floris Hendriks and Jeroen Wijenbergh of Radboud University reported these vulnerabilities to Contec Co., Ltd. and coordinated. Contec Co., Ltd. and JPCERT/CC published respective advisories in order to notify users of its solution.

Multiple vulnerabilities in DENSHI NYUSATSU CORE SYSTEM

2024-05-29T17:40+09:00

DENSHI NYUSATSU CORE SYSTEM provided by Japan Construction Information Center contains multiple vulnerabilities listed below. * Cross-site scripting vulnerability (CWE-79) - CVE-2022-41993 * Cross-site scripting vulnerability (CWE-79) - CVE-2022-46287 * Open redirect vulnerability (CWE-601) - CVE-2022-46288

Redmine vulnerable to cross-site scripting

2024-06-03T16:47+09:00

Redmine contains a cross-site scripting vulnerability (CWE-79) caused by improper Textile processing. Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Buffalo network devices

2024-02-14T15:45+09:00

Multiple network devices provided by BUFFALO INC. contain multiple vulnerabilities listed below. * OS Command Injection (CWE-78) - CVE-2022-43466 * OS Command Injection (CWE-78) - CVE-2022-43443 * Hidden Functionality (CWE-912) - CVE-2022-43486 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Information Exposure Vulnerability in JP1/Automatic Operation

2022-12-07T17:30+09:00

An information exposure vulnerability (CVE-2022-34881) exists in JP1/Automatic Operation.

Contec SolarView Compact vulnerable to cross-site scripting

2024-06-04T17:13+09:00

SolarView Compact provided by Contec Co., Ltd. is PV Measurement System. SolarView Compact contains a cross-site scripting vulnerability (CWE-79, CVE-2022-44355) in Check Network Communication Page of the product's web server. As of 2022 December 5, a Proof-of-Concept (PoC) code exploiting this vulnerability has already been made public.

Multiple vulnerabilities in UNIMO Technology digital video recorders

2024-06-03T16:55+09:00

Multiple digital video recorders provided by UNIMO Technology Co., Ltd contain multiple vulnerabilities listed below. * Improper Authentication (CWE-287) - CVE-2022-44620 * OS Command Injection (CWE-78) - CVE-2022-44606 * Hidden Functionality (CWE-912) - CVE-2022-43464 The reporter states that attacks exploiting these vulnerabilities have been observed. Yoshiki Mori, Ushimaru Hayato, Hiromu Kubiura and Masaki Kubo of National Institute of Information and Communications Technology Cybersecurity Research Institute reported these vulnerabilities to the developer and coordinated. After coordination was completed, this case was reported to JPCERT/CC and JPCERT/CC coordinated with the developer for the publication.

Multiple vulnerabilities in OMRON CX-Programmer

2024-04-05T18:15+09:00

CX-Programmer provided by Omron Corporation contains multiple vulnerabilities listed below. * Use-after-free (CWE-416) - CVE-2022-43508, CVE-2023-22277, CVE-2023-22317, CVE-2023-22314 * Out-of-bounds Write (CWE-787) - CVE-2022-43509 * Stack-based Buffer Overflow (CWE-121) - CVE-2022-43667 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Cybozu Remote Service vulnerable to Uncontrolled Resource Consumption

2024-06-03T16:08+09:00

Multiple cross-site scripting vulnerabilities in baserCMS

2024-05-31T18:17+09:00

baserCMS provided by baserCMS Users Community contains multiple cross-site scripting vulnerabilities listed below. * Stored cross-site scripting vulnerability in User management (CWE-79) - CVE-2022-39325 * Stored cross-site scripting vulnerability in Permission Settings (CWE-79) - CVE-2022-41994 * Stored cross-site scripting vulnerability in User group management (CWE-79) - CVE-2022-42486 CVE-2022-39325 YUYA KOTAKE of CARTA HOLDINGS, INC. and Shogo Iyota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2022-41994, CVE-2022-42486 Shogo Iyota of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

TP-Link RE300 V1 tdpServer vulnerable to improper processing of its input

2024-06-03T16:41+09:00

tdpServer of TP-Link RE300 V1 improperly processes its input, possibly resulting to crash (CWE-228). Tomoya Kitagawa and Toshiki Takatera of Ricerca Security, Inc. reported this vulnerability to the developer and coordinated. After coordination was completed, this case was reported to JPCERT/CC and JPCERT/CC coordinated with the developer for the publication.

Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2024-05-31T17:43+09:00

Typora fails to properly neutralize JavaScript code.

2024-06-03T15:13+09:00

Typora fails to properly neutralize JavaScript code (CWE-116). Eiji Mori of Flatt Security Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WordPress Plugin "WordPress Popular Posts" accepts untrusted external inputs to update certain internal variables

2022-11-18T15:14+09:00

WordPress Plugin "WordPress Popular Posts" provided by Hector Cabrera accepts untrusted external inputs to update certain internal variables (CWE-454). Tsubasa Iinuma of Origami Systems reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

RICOH Aficio SP 4210N vulnerable to cross-site scripting

2022-11-17T11:15+09:00

Aficio SP 4210N provided by RICOH COMPANY, LTD. contains a cross-site scripting vulnerability (CWE-79) in Web Image Monitor. Yudai Morii, Takaya Noma, Hiroki Yasui, Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Movable Type

2024-06-03T15:31+09:00

Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. * Improper Validation of Syntactic Correctness of Input (CWE-1286) - CVE-2022-45113 * Cross-site Scripting (CWE-79) - CVE-2022-45122 * Improper Neutralization of Server-Side Includes (SSI) Within a Web Page (CWE-97) - CVE-2022-4366 CVE-2022-45113, CVE-2022-45122 SHIGA TAKUMA of BroadBand Security, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2022-43660 Six Apart Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Six Apart Ltd. coordinated under the Information Security Early Warning Partnership.

TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation

2024-06-06T16:11+09:00

The past versions of TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability. According to the developer, this vulnerability is caused by an improper input validation issue (CWE-20) in the binding mechanism of Spring MVC. NTT DATA Corporation reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and NTT DATA Corporation coordinated under the Information Security Early Warning Partnership.

Aiphone Video Multi-Tenant System Entrance Stations vulnerable to information disclosure

2024-06-06T17:37+09:00

Video Multi-Tenant System Entrance Stations provided by AIPHONE CO., LTD. contain an information disclosure vulnerability (CWE-200). Cameron Palmer of PROMON reported this vulnerability to Aiphone Co., Ltd. and coordinated. Aiphone Co., Ltd. and JPCERT/CC published respective advisories in order to notify users of this vulnerability.

Multiple vulnerabilities in OMRON products

2022-11-10T09:46+09:00

Machine automation controller NJ/NX series, Automation software "Sysmac Studio", and programmable terminal (PT) NA series provided by OMRON Corporation contain multiple vulnerabilities in the communication function. The vulnerabilities are as follows. * Use of Hard-coded Credentials (CWE-798) - CVE-2022-34151 * Authentication Bypass by Capture-replay (CWE-294) - CVE-2022-33208 * Active Debug Code (CWE-489) - CVE-2022-33971 OMRON Corporation reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

WordPress Plugin "Salon booking system" vulnerable to cross-site scripting

2024-06-05T18:07+09:00

WordPress Plugin "Salon booking system" contains a cross-site scripting vulnerability (CWE-79). Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in WordPress

2024-06-06T16:27+09:00

WordPress contains multiple vulnerabilities listed below which are to the WordPress Post by Email Feature.

Stored Cross-site scripting (CWE-79) - CVE-2022-43497
Stored Cross-site scripting (CWE-79) - CVE-2022-43500
Improper authentication (CWE-287) - CVE-2022-43504

Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in the web interfaces of Kyocera Document Solutions MFPs and printers

2024-06-06T17:01+09:00

The web interface "Command Center" of multiple MFPs and printers provided by KYOCERA Document Solutions Inc. contain multiple vulnerabilities listed below.

Session Information Easily Guessable (CWE-287) - CVE-2022-41798
Missing authorization (CWE-425) - CVE-2022-41807
Stored cross-site scripting (CWE-79) - CVE-2022-41830

Takayuki Sasaki, Takaya Noma and Katsunari Yoshioka of Yokohama National University reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in FUJI SOFT network devices

2024-06-06T16:48+09:00

USB dongle +F FS040U and mobile routers +F FS020W/+F FS030W/+F FS040W provided by FUJI SOFT INCORPORATED contain multiple vulnerabilities listed below.

Plaintext Storage of a Password (CWE-256) - CVE-2022-43442
Cross-Site Request Forgery (CWE-352) - CVE-2022-43470

Tomohisa Hasegawa of Canon IT Solutions Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in SHIRASAGI

2024-06-05T16:06+09:00

SHIRASAGI provided by SHIRASAGI Project contains multiple vulnerabilities listed below.

Open Redirect (CWE-601) - CVE-2022-43479
Stored Cross-site Scripting (CWE-79) - CVE-2022-43499

SHIGA TAKUMA of BroadBand Security, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in nadesiko3

2024-06-05T17:28+09:00

Nadesiko3 provided by kujirahand contains multiple vulnerabilities listed below.

OS command injection vulnerability in processing compression and decompression (CWE-78) - CVE-2022-41642
Improper check or handling of exceptional conditions in nako3edit (CWE-703) - CVE-2022-41777
OS command injection vulnerability via "file" parameter in nako3edit (CWE-78) - CVE-2022-42496

Satoki Tsuji reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2024-06-13T13:58+09:00

Stack-based buffer overflow vulnerability in Yokogawa Test & Measurement WTViewerE

2024-06-12T16:54+09:00

WTViewerE provided by Yokogawa Test & Measurement Corporation contains a stack-based buffer overflow vulnerability (CWE-121). Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

Lemon8 App fails to restrict access permissions

2024-06-12T16:39+09:00

Lemon8 by ByteDance K.K. provides the function to access a requested URL using Custom URL Scheme/DeepLink. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites. Ryo Sato of BroadBand Security,Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Android App "IIJ SmartKey" vulnerable to information disclosure

2024-06-27T13:40+09:00

Android App "IIJ SmartKey" provided by Internet Initiative Japan Inc. contains an information disclosure vulnerability (CWE-200). Naoaki Iwakiri reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in SVMPC1 and SVMPC2

2024-05-30T16:38+09:00

SVMPC1 and SVMPC2 provided by Daikin Holdings Singapore Pte Ltd. contain multiple vulnerabilities listed below. * Use of hard-coded password (CWE-259) - CVE-2022-41653 * Improper access control (CWE-284) - CVE-2022-38355

bingo!CMS vulnerable to authentication bypass

2024-05-30T17:57+09:00

bingo!CMS provided by Shift Tech Inc. contains an authentication bypass vulnerability (CWE-288) in some of the management functions. Shift Tech Inc. states that attacks exploiting this vulnerability have been observed. Shift Tech Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Shift Tech Inc. coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security agents for Windows

2024-06-13T14:30+09:00

Trend Micro Incorporated has released a security update for Trend Micro Deep Security and Cloud One - Workload Security agents for Windows. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

The installer of Sony Content Transfer may insecurely load Dynamic Link Libraries

2024-06-12T12:12+09:00

The installer of Content Transfer (for Windows) provided by Sony Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Growi vulnerable to improper access control

2024-06-12T12:04+09:00

GROWI provided by WESEEK, Inc. contains an improper access control vulnerability (CWE-284). Kenta Yamamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

IPFire WebUI vulnerable to cross-site scripting

2024-06-12T14:28+09:00

The web user interface of IPFire provided by IPFire Project contains multiple stored cross-site scripting vulnerabilities (CWE-79). This analysis assumes a scenario where one administrative user prepares malicious content, and then another administrative user accesses this content, resulting in a cross-site scripting attack. Satoshi Horikoshi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Buffalo network devices

2022-10-13T16:28+09:00

Multiple network devices provided by Buffalo Inc. contain multiple vulnerabilities listed below. * Hidden Functionality (CWE-912) - CVE-2022-39044 * Use of Hard-coded Credentials (CWE-798) - CVE-2022-34840 * Authentication Bypass (CWE-288) - CVE-2022-4096 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter

2022-10-05T17:28+09:00

A privilege escalation vulnerability (CVE-2022-2637) exists in Hitachi Storage Plug-in for VMware vCenter.

BookStack vulnerable to cross-site scripting

2024-06-12T14:07+09:00

BookStack contains a cross-site scripting vulnerability (CWE-79). Kenichi Okuno of Mitsui Bussan Secure Directions, Inc reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

OpenAM (OpenAM Consortium Edition) vulnerable to open redirect

2024-06-13T11:39+09:00

OpenAM (OpenAM Consortium Edition) provided by OpenAM Consortium contains an open redirect vulnerability (CWE-601). OpenAM Consortium reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and OpenAM Consortium coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in EC-CUBE

2024-06-13T11:09+09:00

EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple vulnerabilities listed below. * Directory traversal vulnerability (CWE-22) - CVE-2022-40199 * DOM-based cross-site scripting vulnerability (CWE-79) - CVE-2022-38975 Noriaki Iwasaki of Cyber Defense Institute, Inc. reported these vulnerabilities to EC-CUBE CO.,LTD. and EC-CUBE CO.,LTD. reported them to JPCERT/CC to notify users of the solutions through JVN.

EC-CUBE plugin "Product Image Bulk Upload Plugin" vulnerable to insufficient verification in uploading files

2024-06-13T11:03+09:00

EC-CUBE plugin "Product Image Bulk Upload Plugin", a plugin that enables to upload image files, provided by EC-CUBE CO.,LTD. contains an insufficient verification vulnerability when uploading files (CWE-20). Exploiting this vulnerability allows a remote unauthenticated attacker to upload arbitrary files other than image files. EC-CUBE CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and EC-CUBE CO.,LTD. coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service

2024-06-13T11:34+09:00

Trend Micro Apex One and Trend Micro Apex One as a Service provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. * Improper validation in some components of the rollback mechanism (CWE-20) - CVE-2022-40139 * Improper access control (CWE-284) - CVE-2022-40140 * Information exposure (CWE-200) - CVE-2022-40141 * Improper link resolution before file access (CWE-59) - CVE-2022-40142 * Improper link resolution before file access (CWE-59) - CVE-2022-40143 * Improper authentication (CWE-287) - CVE-2022-40144 Trend Micro Incorporated states that attacks exploiting CVE-2022-40139 have been observed. CVE-2022-40139, CVE-2022-40140, CVE-2022-40141, CVE-2022-40142, CVE-2022-40143 Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. CVE-2022-40144 Akinori Takeuchi of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

DoS Vulnerability in uCosminexus TP1/Client/J and Cosminexus Service Coordinator

2022-09-14T11:34+09:00

DoS Vulnerability have been found in uCosminexus TP1/Client/J and Cosminexus Service Coordinator.

Movable Type plugin A-Form vulnerable to cross-site scripting

2024-06-13T13:49+09:00

Movable Type plugin A-Form provided by ARK-Web co., ltd. contains a cross-site scripting vulnerability (CWE-79). hibiki moriyama of STNet, Incorporated reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure

2024-06-13T16:00+09:00

Mailform Pro CGI provided by SYNCK GRAPHICA contains an information disclosure vulnerability (CWE-200). Thanks module of this product saves user input data for a certain period of time. The time is set to 30 seconds by default in configs/thanks.cgi file. To exploit this vulerability, it is requireid for an attacker to access the affected product within in 30 seconds. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Contec FLEXLAN FX3000 and FX2000 series

2022-09-02T18:08+09:00

FLEXLAN FX3000 and FX2000 series provided by Contec Co., Ltd. contain multiple vulnerabilities listed below. * Hidden Functionality (CWE-912) - CVE-2022-36158 * Use of Hard-coded Credentials (CWE-798) - CVE-2022-36159 Thomas J. Knudsen and Samy Younsi of Necrum Security Labs reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

PowerCMS XMLRPC API vulnerable to command injection

2024-06-13T11:44+09:00

PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability (CWE-74). Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. According to the developer, it is unable to execute a command with an arbitrary value added to its argument, even if the vulnerability is exploited. Alfasado Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Alfasado Inc. coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in CentreCOM AR260S V2

2024-06-13T16:21+09:00

CentreCOM AR260S V2 provided by Allied Telesis K.K. contains multiple vulnerabilities listed below. * OS command injection vulnerability in GUI setting page (CWE-78) - CVE-2022-35273 * Use of hard-coded credentials for the telnet server (CWE-798) - CVE-2022-38394 * Undocumented hidden command that can be excuted from the telnet function (CWE-912) - CVE-2022-34869 * OS command injection vulnerability in the telnet function (CWE-78) - CVE-2022-38094 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Installer of Ricoh Device Software Manager may insecurely load Dynamic Link Libraries

2024-06-13T13:53+09:00

Installer of Device Software Manager provided by RICOH COMPANY, LTD. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Movable Type XMLRPC API vulnerable to command injection

2024-06-13T18:11+09:00

Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability (CWE-74). Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. According to the developer, it is unable to execute a command with an arbitrary value added to its argument, even if the vulnerability is exploited. Osaka University of Economics reported this vulnerability to Six Apart Ltd. and coordinated. Six Apart Ltd. and JPCERT/CC published respective advisories in order to notify users of this vulnerability. And almost at the same time, SHIGA TAKUMA of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with Six Apart Ltd. under Information Security Early Warning Partnership.

Multiple vulnerabilities in Exment

2024-06-14T11:09+09:00

Exment provided by Kajitori Co.,Ltd contains multiple vulnerabilities listed below. * Reflected cross-site scripting (CWE-79) - CVE-2022-38080 * SQL injection (CWE-89) - CVE-2022-37333 * Stored cross-site scripting (CWE-79) - CVE-2022-38089 CVE-2022-38080, CVE-2022-37333 Hibiki Moriyama of STNet, Incorporated reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2022-38089 Yuya Chudo of N.F.Laboratories Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in PukiWiki

2024-06-14T11:55+09:00

PukiWiki provided by PukiWiki Development Team contains multiple vulnerabilities listed below. * Path Traversal (CWE-22) - CVE-2022-34486 * Reflected Cross-site Scripting (CWE-79) - CVE-2022-27637 Harold Kim reported these vulnerabilities to the developer and coordinated. After coordination was completed, this case was reported to JPCERT/CC and JPCERT/CC coordinated with the developer for the publication.

PLANEX MZK-DP150N contains hidden administrative functionality

2024-06-14T14:06+09:00

MZK-DP150N provided by PLANEX COMMUNICATIONS INC. contains a hidden administrative screen (CVE-2021-37289, CWE-912). In the initial settings of the product, the login account for the configuration screen is common to all products. Please change the account information from the initial settings before using it. Thomas J. Knudsen and Samy Younsi of Necrum Security Labs reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

PukiWiki vulnerable to cross-site scripting

2024-06-14T12:00+09:00

PukiWiki provided by PukiWiki Developers Team contains a stored cross-site scripting vulnerability (CWE-79). Ryuhoh Ide of Department of Applied Physics, School of Engineering, The University of Tokyo reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

UNIMO Technology digital video recorders vulnerable to missing authentication for critical functions

2024-06-14T10:24+09:00

Multiple digital video recorders provided by UNIMO Technology Co., Ltd do not perform authentication for some critical functions (CWE-306) in the device management web interface. The reporter states that attacks exploiting this vulnerability have been observed. Yoshiki Mori, Ushimaru Hayato and Masaki Kubo of National Institute of Information and Communications Technology Cybersecurity Research Institute reported this vulnerability to the developer and coordinated. After coordination was completed, this case was reported to JPCERT/CC and JPCERT/CC coordinated with the developer for the publication.

Multiple vulnerabilities in Trend Micro Security

2022-08-19T11:42+09:00

Trend Micro Incorporated has released security updates for Trend Micro Security. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation

2024-06-14T17:11+09:00

Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.

Kaitai Struct: compiler vulnerable to denial-of-service (DoS)

2022-08-04T15:14+09:00

Kaitai Struct: compiler provided by Kaitai team contains SnakeYAML library version 1.25, which is used in parsing .ksy files. SnakeYAML version 1.25 expands recursive aliases unlimitedly (CWE-674), hence Katai Struct: compiler is vulnerable to a denial-of-service (DoS) attack by Billion Laughs Attack. Taichi Kotake of Sterra Security Co.,Ltd. / Akatsuki Games Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CONTEC SolarView Compact vulnerable to insufficient verification in uploading files

2024-06-14T15:21+09:00

SolarView Compact provided by CONTEC CO., LTD. is PV Measurement System. The image file management page of SolarView Compact contains an insufficient verification vulnerability when uploadi webray reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.ng files (CWE-20).

Information Disclosure Vulnerability in Hitachi Automation Director and Hitachi Ops Center Automator

2022-08-01T17:10+09:00

Information Disclosure Vulnerability have been found in Hitachi Automation Director and Hitachi Ops Center Automator.

Multiple vulnerabilities in Nintendo Wi-Fi Network Adaptor WAP-001

2024-06-14T16:27+09:00

Nintendo Wi-Fi Network Adaptor provided by Nintendo Co.,Ltd. contains multiple vulnerabilities listed below. * OS command injection (CWE-78) - CVE-2022-36381 * Buffer overflow (CWE-121) - CVE-2022-36293 Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

"JustSystems JUST Online Update for J-License" starts a program with an unquoted file path

2022-07-28T13:40+09:00

"JustSystems JUST Online Update for J-License" is bundled with multiple products for corporate users provided by JustSystems Corporation, as in Ichitaro through Pro5 and others, and it is registered as a Windows service. "JustSystems JUST Online Update for J-License" starts another program with an unquoted file path (CWE-428). Hiroki MATSUKUMA of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

"Hulu" App for iOS vulnerable to improper server certificate verification

2024-06-14T12:25+09:00

"Hulu" App for iOS provided by HJ Holdings, Inc. is vulnerable to improper server certificate verification (CWE-295). Shungo Kumasaka of GMO Cyber Security by IERAE reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

"Hulu" App for Android uses a hard-coded API key for an external service

2024-06-14T14:42+09:00

"Hulu" App for Android provided by HJ Holdings, Inc. uses a hard-coded API key for an external service (CWE-798). Ryo Sato of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WordPress Plugin "Newsletter" vulnerable to cross-site scripting

2024-06-18T11:21+09:00

WordPress Plugin "Newsletter" provided by Stefano Lissa & The Newsletter Team contains a cross-site scripting vulnerability (CWE-79). Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in untangle

2024-06-17T11:03+09:00

untangle provided by Christian Stefanescu is a Python library for processing XML documents. untangle contains multiple vulnerabilities listed below. * Improper Restriction of Recursive Entity References in DTDs (CWE-776) - CVE-2022-33977 * Improper Restriction of XML External Entity Reference (CWE-611) - CVE-2022-31471 Taichi Kotake of Sterra Security Co.,Ltd. / Akatsuki Games Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Booked vulnerable to open redirect

2024-06-14T17:43+09:00

Booked provided by Twinkle Toes Software contains an open redirect vulnerability (CWE-601). Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Cybozu Office

2024-06-14T14:02+09:00

Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. * [CyVDB-839][CyVDB-2300][CyVDB-3109] Browse restriction bypass vulnerability in Cabinet (CWE-284) - CVE-2022-32283 * [CyVDB-1795] Operation restriction bypass vulnerability in Project (CWE-285) - CVE-2022-32544 * [CyVDB-1800][CyVDB-2798][CyVDB-2927] Browse restriction bypass vulnerability in Custom App (CWE-284) - CVE-2022-29891 * [CyVDB-1849] Cross-site scripting vulnerability in the specific parameters (CWE-79) - CVE-2022-33151 * [CyVDB-1851][CyVDB-1856][CyVDB-1873][CyVDB-1944][CyVDB-2173] Cross-site scripting vulnerability in the specific parameters (CWE-79) - CVE-2022-28715 * [CyVDB-1859] Cross-site scripting vulnerability in the specific parameters (CWE-79) - CVE-2022-30604 * [CyVDB-2030] HTTP header injection vulnerability (CWE-113) - CVE-2022-32453 * [CyVDB-2152][CyVDB-2153][CyVDB-2154][CyVDB-2155] Information disclosure vulnerability in the system configuration (CWE-200) - CVE-2022-30693 * [CyVDB-2693] Operation restriction bypass vulnerability in Scheduler (CWE-285) - CVE-2022-32583 * [CyVDB-2695][CyVDB-2819] Browse restriction bypass vulnerability in Scheduler (CWE-284) - CVE-2022-25986 * [CyVDB-2770] Browse restriction bypass vulnerability in Address Book (CWE-284) - CVE-2022-33311 * [CyVDB-2939] Cross-site scripting vulnerability in the specific parameters (CWE-79) - CVE-2022-29487 CVE-2022-28715, CVE-2022-30604, CVE-2022-32453, CVE-2022-33151 Masato Kinugawa reported these vulnerabilities to Cybozu, Inc. and Cybozu, Inc. reported them to JPCERT/CC to notify users of the solutions through JVN. CVE-2022-29891, CVE-2022-32544, CVE-2022-32583 Yuji Tounai reported these vulnerabilities to Cybozu, Inc. and Cybozu, Inc. reported them to JPCERT/CC to notify users of the solutions through JVN. CVE-2022-30693 Kanta Nishitani of Ierae Security Inc. reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. CVE-2022-29487, CVE-2022-25986, CVE-2022-32283, CVE-2022-33311 Cybozu, Inc. reported these vulnerabilities to JPCERT/CC to notify users of the solution through JVN.

U-Boot squashfs filesystem implementation vulnerable to heap-based buffer overflow

2024-06-14T17:53+09:00

U-Boot is a boot loader for multiple platforms, and squashfs filesystem feature is provided since v2020.10-rc2 (commit c5100613). squashfs filesystem implementation of U-Boot contains a heap-based buffer overflow vulnerability (CWE-122) due to a defect in the metadata reading process. Tatsuhiko Yasumatsu of Sony Corporation reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated between the reporter and the developer.

Django Extract and Trunc functions vulnerable to SQL injection

2024-06-18T11:57+09:00

Django provided by Django Software Foundation is a Web application framework. Extract and Trunc functions of Django used to treat date data contain an SQL injection vulnerability(CWE-89). Takuto Yoshikai of Aeye Security Lab reported this vulnerability to the developer and coordinated. After coordination was completed, this case was reported to IPA, and JPCERT/CC coordinated with the developer for the publication under Information Security Early Warning Partnership.

Passage Drive vulnerable to insufficient data verification

2024-06-14T17:48+09:00

Passage Drive provided by Yokogawa Rental & Lease Corporation contains an insufficient data verification vulnerability for interprocess communication (CWE-20). Yokogawa Rental & Lease Corporation reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Yokogawa Rental & Lease Corporation coordinated under the Information Security Early Warning Partnership.

Multiple vulnerabilities in Cybozu Garoon

2024-06-17T16:49+09:00

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. * [CyVDB-2909] Operation restriction bypass in multiple applications (CWE-285) - CVE-2022-30602 * [CyVDB-3042] Information disclosure in multiple applications (CWE-200) - CVE-2022-29512 * [CyVDB-3111] Improper input validation in multiple applications (CWE-20) - CVE-2022-29926 * [CyVDB-3143] Browsing restriction bypass vulnerability in Bulletin (CWE-284) - CVE-2022-30943 CVE-2022-30602 Shuichi Uruma reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. CVE-2022-30943 Yuji Tounai reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. CVE-2022-29512 Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. [Updated on 2022 July 6] The developer identified that [CyVDB-3111] was not a vulnerability after the further investigation. Therefore the JVN advisory was updated by crossing out the description regarding [CyVDB-3111].

LiteCart vulnerable to cross-site scripting

2024-06-17T10:39+09:00

LiteCart contains a cross-site scripting vulnerability (CWE-79). Satoshi Horikoshi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

HOME SPOT CUBE2 vulnerable to OS command injection

2024-06-17T10:45+09:00

HOME SPOT CUBE2 provided by KDDI CORPORATION contains an OS command injection vulnerability (CWE-78) due to improper processing of data received from DHCP server. Alice Rose reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

L2Blocker Sensor setup screen vulnerable to authentication bypass

2024-06-18T10:45+09:00

L2Blocker provided by SOFTCREATE CORP. contains a vulnerability (CWE-288) in which the login authentication is bypassed by using alternative paths or channels for Sensor. Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

web2py vulnerable to open redirect

2024-06-18T10:48+09:00

web2py contains an open redirect vulnerability (CWE-601). Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Gitlab vulnerable to server-side request forgery

2024-06-20T15:39+09:00

Gitlab contains a server-side request forgery vulnerability (CWE-918) through the Project Import feature. Kanta Nishitani of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to the developer and coordinated. After coordination was completed, this case was reported to IPA, and JPCERT/CC coordinated with the developer for the publication under Information Security Early Warning Partnership.

Growi vulnerable to weak password requirements

2022-06-15T17:47+09:00

GROWI provided by WESEEK, Inc. contains a weak password requirements vulnerability (CWE-521, CVE-2022-1236). 418sec first reported this vulnerability to JPCERT/CC, then JPCERT/CC contacted WSEEK, Inc. as a coordinator. After the coordination between 418sec and WESEEK, Inc. was completed, this case was published to notify the users of the solution through JVN.

FreeBSD vulnerable to denial-of-service (DoS)

2024-06-13T16:31+09:00

FreeBSD contains a denial-of-service (DoS) vulnerability (CWE-400) due to improper handling of TSopt on TCP connections.

Cisco Catalyst 2940 Series Switches vulnerable to cross-site scripting

2024-06-18T10:51+09:00

Cisco Catalyst 2940 Series Switches provided by Cisco Systems, Inc., with firmware versions prior to 12.2(50)SY, improperly processes user input and generates error pages, leading to a cross-site scripting vulnerability (CWE-79). The vulnerability has been addressed on 12.2(50)SY released in 2011 (Cisco bug id: CSCek36997), and Cisco Catalyst 2940 Series Switches has been End-of-Support since 2015. Imaoka Ryo of Cyber Security Research Team reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

SHIRASAGI vulnerable to cross-site scripting

2024-06-18T11:13+09:00

SHIRASAGI provided by SHIRASAGI Project contains a cross-site scripting vulnerability (CWE-79). hibiki moriyama of STNet, Incorporated reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2024-06-18T16:30+09:00

T&D Data Server and THERMO RECORDER DATA SERVER contain a directory traversal vulnerability.

2024-06-18T10:34+09:00

T&D Data Server and THERMO RECORDER DATA SERVER provided by T&D Corporation contain a directory traversal vulnerability (CWE-22). Shun Asai of FiveDrive, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting

2024-06-18T10:42+09:00

WordPress Plugin "Modern Events Calendar Lite" provided by Webnus contains a stored cross-site scripting vulnerability (CWE-79). Tsutomu Aramaki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

RevoWorks incomplete filtering of MS Office v4 macros

2024-06-18T16:31+09:00

RevoWorks SCVX, RevoWorks Browser and RevoWorks Desktop provided by J's Communication Co., Ltd. enables users to execute web browsers, accessing drives, folders, files and registries in a sandboxed environment. Users can download files from the internet to the sandboxed environment, sanitizing through "File Sanitization Library" or "File Sanitization Option", and import to the local environment. "File Sanitization Library" and "File Sanitization Option" are implemented with some third-party component, but the component's filtering functionality is incomplete, fails to detect nor remove Microsoft Excel 4.0 (XLM) Macros (CWE-791). The developer reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and the developer coordinated under the Information Security Early Warning Partnership.

Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification

2024-06-18T11:06+09:00

Mobaoku-Auction & Flea Market App for iOS provided by DeNA Co., Ltd. is vulnerable to improper server certificate verification (CWE-295). Okazawa Yoshihiro reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Fuji Electric V-SFT

2024-06-18T13:44+09:00

Multiple vulnerabilities listed below exist in the simulator module contained in the graphic editor "V-SFT" provided by FUJI ELECTRIC CO., LTD. * Out-of-bounds Write (CWE-787) - CVE-2022-30538 * Out-of-bounds Read (CWE-125) - CVE-2022-30546 * Heap-based Buffer Overflow (CWE-122) - CVE-2022-26302 * Use After Free (CWE-416) - CVE-2022-29522 * Access of Uninitialized Pointer (CWE-824) - CVE-2022-29522 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in Fuji Electric V-SFT, V-Server and V-Server Lite

2024-06-18T16:28+09:00

Multiple vulnerabilities listed below exist in the simulator module contained in the graphic editor "V-SFT" and the remote monitoring software "V-Server" and "V-Server Lite" provided by FUJI ELECTRIC CO., LTD. * Out-of-bounds Read in V-SFT (CWE-125) - CVE-2022-29506 * Out-of-bounds Read in V-Server and V-Server Lite (CWE-125) - CVE-2022-30549 * Out-of-bounds Write in V-Server and V-Server Lite (CWE-787) - CVE-2022-29524 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

Multiple vulnerabilities in CONTEC SolarView Compact

2024-06-20T11:34+09:00

SolarView Compact provided by CONTEC CO., LTD. is PV Measurement System. SolarView Compact contains multiple vulnerabilities listed below. OS command injection (CWE-78) - CVE-2022-29303 Improper validation of input values on the send test mail console of the product's web server may result in OS command injection. Directory traversal (CWE-23) - CVE-2022-29298 Improper validation of a URL on the download page of the product's web server may allow a remote attacker to view and obtain an arbitrary file. Information disclosure (CWE-200) - CVE-2022-29302 The hidden page which enables to edit the product's web server contents exists in the product's web server, and a remote attacker to read and/or alter an arbitrary file on the web server via the hidden page. OS command injection (CWE-78) - CVE-2022-40881 Improper validation of input values on Check Network Communication Page of the product's web server may result in an arbitrary OS command execution. OS command injection (CWE-78) - CVE-2023-23333 Improper validation of input values on the download page of the product's web server may result in an arbitrary OS command execution. CVE-2022-29298 Jongheon Yan of S2W Inc reported CONTEC CO., LTD. that the fix for the vulnerability was insufficient in Ver.6.5. CONTEC CO., LTD. and JPCERT/CC updated respective advisories.

Trend Micro Password Manager vulnerable to privilege escalation

2024-06-18T17:52+09:00

Trend Micro Incorporated has released a security update for Trend Micro Password Manager. Trend Micro Incorporated reported the vulnerability to JPCERT/CC to notify users of the solutions through JVN.

WordPress plugin "WP Statistics" vulnerable to cross-site scripting

2024-06-18T15:41+09:00

WordPress plugin "WP Statistics" provided by VeronaLabs contains a cross-site scripting vulnerability (CWE-79). Shogo Kumamaru of LAC CyberLink Co., Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS)

2024-06-20T12:09+09:00

Spring Security OAuth (spring-security-oauth2) provided by VMware, Inc. contains a denial-of-service vulnerability due to uncontrolled resource consumption (CWE-400). Note that Spring Security OAuth (spring-security-oauth2) is no longer supported, therefore Spring Security has been developed as the alternative, and the similar vulnerability known as CVE-2021-22119 was identified but has been addressed. Macchinetta/TERASOLUNA Framework Development Team:NTT DATA Corporation, NTT COMWARE, and NTT reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Rakuten Casa

2024-06-18T12:09+09:00

Rakuten Casa provided by Rakuten Mobile, Inc. contains multiple vulnerabilities listed below. * Use of Hard-coded Credentials (CWE-798) - CVE-2022-29525 * Improper Access Control (CWE-284) - CVE-2022-28704 * Improper Access Control (CWE-284) - CVE-2022-26834 CVE-2022-29525 Narumi Hirai of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2022-28704 Hiroki Oshiro and Tagawa, Masaki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2022-26834 Tagawa, Masaki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Multiple vulnerabilities in Cybozu Garoon

2024-06-17T16:34+09:00

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. * [CyVDB-1584][CyVDB-2670] Operation restriction bypass vulnerability in Bulletin (CWE-285) - CVE-2022-28718 * [CyVDB-1865][CyVDB-2692] Operation restriction bypass vulnerability in Workflow (CWE-285) - CVE-2022-27661 * [CyVDB-2660] Improper input validation vulnerability in Space (CWE-20) - CVE-2022-29892 * [CyVDB-2667] Cross-site scripting vulnerability in Scheduler (CWE-79) - CVE-2022-29513 * [CyVDB-2685] Browse restriction bypass vulnerability in Bulletin (CWE-284) - CVE-2022-29471 * [CyVDB-2689] Operation restriction bypass vulnerability in Portal (CWE-285) - CVE-2022-26051 * [CyVDB-2718] Improper input validation vulnerability in Scheduler (CWE-20) - CVE-2022-28692 * [CyVDB-2839] Improper input validation vulnerability in Space (CWE-20) - CVE-2022-27803 * [CyVDB-2841] Browse restriction bypass and operation restriction bypass vulnerability in Cabinet (CWE-285) - CVE-2022-26368 * [CyVDB-2889] Cross-site scripting vulnerability in Organization's Information (CWE-79) - CVE-2022-27627 * [CyVDB-2897] Operation restriction bypass vulnerability in Link (CWE-285) - CVE-2022-26054 * [CyVDB-2906] Improper input validation vulnerability in Link (CWE-20) - CVE-2022-27807 * [CyVDB-2932] Address information disclosure vulnerability (CWE-200) - CVE-2022-29467 * [CyVDB-2940] Improper authentication vulnerability in Scheduler (CWE-287) - CVE-2022-28713 * [CyVDB-3001] Operation restriction bypass vulnerability in Space (CWE-285) - CVE-2022-29484 * [CyVDB-2911] Browse restriction bypass vulnerability in Cabinet (CWE-284) - CVE-2022-31472 CVE-2022-27627 Masato Kinugawa reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. CVE-2022-26054, CVE-2022-26368, CVE-2022-31472 Yuji Tounai reported these vulnerabilities to Cybozu, Inc. and Cybozu, Inc. reported them to JPCERT/CC to notify users of the solutions through JVN. CVE-2022-26051, CVE-2022-27661, CVE-2022-27803, CVE-2022-27807, CVE-2022-28692, CVE-2022-28713, CVE-2022-28718, CVE-2022-29467, CVE-2022-29471, CVE-2022-29484, CVE-2022-29513, CVE-2022-29892 Cybozu, Inc. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Strapi vulnerable to cross-site scripting

2024-06-18T11:17+09:00

Strapi contains a stored cross-site scripting vulnerability (CWE-79) in the file upload function. Yuta Morioka of Information Science College reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.