March 18, 2008
>> JAPANESE

1.Overview

The WN-APG/R Series and the WN-WAPG/R Series from I-O DATA provide the web administration interface to configure the router settings. The authentication feature of the WN-APG/R Series and the WN-WAPG/R Series is not effective by default and that makes the web administration interface vulnerable to unauthorized access. A remote attacker could obtain configuration information or execute unauthorized operations.

For information on affected products, please refer to:
http://www.iodata.jp/news/oshirase.htm (in Japanese)

For affected systems and the latest information on the vulnerability, please refer to:
http://jvndb.jvn.jp/contents/en/2008/JVNDB-2008-000017.html

The following creditee reported this vulnerability to IPA on November 24, 2007. JPCERT Coordination Center (JPCERT/CC) coordinated with the product vendors and published the vulnerability on March 18, 2008, under Information Security Early Warning Partnership.
Credit: Hirotaka Katagiri

2.Impact

The authentication feature of multiple I-O DATA wireless LAN routers is not effective by default, which allows a remote attacker to obtain configuration information or execute unquthorized operations on the web administraiton interface.

3.Solution

To fix the problem, update the firmware to the latest version or change the configuration setting. Check out the following vendor site and take appropriate action for the solution varies depending on the affected product.
http://www.iodata.jp/news/oshirase.htm (in Japanese)

4.CVSS Severity

(1)Evaluation Result

Severity Rating (CVSS base score)	□ Low (0.0~3.9)	□ Medium (4.0~6.9)	■ High (7.0~10.0)
CVSS base score			7.5

(2) Base Score Metrics

AV:Access Vector	□ Local	□ Adjacent 　Network	■ Network
AC:Access Complexity	□ High	□ Medium	■ Low
Au:Authentication	□ Multiple	□ Single	■ None
C:Confidentiality Impact	□ None	■ Partial	□ Complete
I:Integrity Impact	□ None	■ Partial	□ Complete
A:Availability Impact	□ None	■ Partial	□ Complete

■:Selected Values

Contact