CVE-2017-2133

SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
References
Link Resource
http://www.securityfocus.com/bid/101583 Third Party Advisory VDB Entry
https://jvn.jp/en/jp/JVN54795166/ Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/101583 Third Party Advisory VDB Entry
https://jvn.jp/en/jp/JVN54795166/ Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:panasonic:kx-hjb1000_firmware:ghx1yg_14.50:*:*:*:*:*:*:*
cpe:2.3:o:panasonic:kx-hjb1000_firmware:hjb1000_4.47:*:*:*:*:*:*:*
cpe:2.3:h:panasonic:kx-hjb1000:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:22

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/101583 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/101583 - Third Party Advisory, VDB Entry
References () https://jvn.jp/en/jp/JVN54795166/ - Third Party Advisory, VDB Entry () https://jvn.jp/en/jp/JVN54795166/ - Third Party Advisory, VDB Entry

Information

Published : 2017-10-20 11:29

Updated : 2024-11-21 03:22


NVD link : CVE-2017-2133

Mitre link : CVE-2017-2133

CVE.ORG link : CVE-2017-2133


JSON object : View

Products Affected

panasonic

  • kx-hjb1000
  • kx-hjb1000_firmware
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')