Vulnerabilities (CVE)

Filtered by vendor Toshiba Subscribe
Filtered by product Hem-gw26a
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16201 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 8.3 HIGH 8.8 HIGH
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands.
CVE-2018-16200 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 5.8 MEDIUM 8.8 HIGH
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands.
CVE-2018-16199 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-16198 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 5.8 MEDIUM 8.8 HIGH
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device.
CVE-2018-16197 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 3.3 LOW 6.5 MEDIUM
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device.
CVE-2017-2238 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross-site request forgery (CSRF) vulnerability in Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier and Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2017-2237 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
CVE-2017-2236 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier uses hard-coded credentials, which may allow attackers to perform operations on device with administrative privileges.
CVE-2017-2235 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to bypass access restriction to change the administrator account password via unspecified vectors.
CVE-2017-2234 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier may allow remote attackers to access a non-documented developer screen to perform operations on device with administrative privileges.