CVE-2014-3895

I-O DATA - Auth Bypass

Title source: llm

Description

The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmware 1.06 and earlier, TS-WPTCAM camera with firmware 1.08 and earlier, TS-PTCAM camera with firmware 1.08 and earlier, TS-PTCAM/POE camera with firmware 1.08 and earlier, and TS-WLC2 camera with firmware 1.02 and earlier allow remote attackers to bypass authentication, and consequently obtain sensitive credential and configuration data, via unspecified vectors.

References (3)

[Vendor Advisory] http://www.iodata.jp/support/information/2014/qwatch/

[Third Party Advisory] http://jvn.jp/en/jp/JVN94592501/index.html

[Third Party Advisory] http://jvndb.jvn.jp/jvndb/JVNDB-2014-000087

Scores

EPSS 0.0030

EPSS Percentile 53.4%

Classification

CWE

CWE-287

Status draft

Affected Products (12)

iodata/ts-wlcam\/v_camera_firmware < 1.0.6

iodata/ts-wlcam\/v_camera

iodata/ts-wptcam_camera_firmware < 1.0.8

iodata/ts-wptcam_camera

iodata/ts-wlcam_camera_firmware < 1.06

iodata/ts-wlcam_camera

iodata/ts-ptcam\/poe_camera_firmware < 1.08

iodata/ts-ptcam\/poe_camera

iodata/ts-wlc2_camera_firmware < 1.02

iodata/ts-wlc2_camera

iodata/ts-ptcam_camera_firmware < 1.08

iodata/ts-ptcam_camera

Timeline

Published Jul 29, 2014

Tracked Since Feb 18, 2026