Multiple Toshiba memory card installers are prone to a remote code-execution vulnerability.
A remote attacker can leverage this issue to execute arbitrary code in the context of the affected application.
The following products are vulnerable:
SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool 1.00.03 and prior versions.
SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Configuration Software 3.0.2 and prior versions.
SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool (SD-WE series) 3.00.01
SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool (SD-WD/WC series) 2.00.03 and prior versions.
SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool (SD-WB/WL series) 1.00.04 and prior versions.
SDHC Memory Card with embedded TransferJetTM functionality Configuration Software 1.02 and prior versions.
SDHC Memory Card with embedded TransferJetTM functionality Software Update tool 1.00.06 and prior versions.
Information
Toshiba SDXC Memory Card with embedded NFC functionality Software Update 0
Toshiba SDHC Memory Card FlashAirTM Software Update tool 3.0.1
Toshiba SDHC Memory Card FlashAirTM Software Update tool 0
Toshiba SDHC Memory Card FlashAirTM Configuration Software 3.0.2
Toshiba SDHC Memory Card FlashAirTM Configuration Software 0
Toshiba SDHC Memory Card 1.0.3
Toshiba SDHC Memory Card 0
Exploit
Attackers must trick a user into opening a file on a remote WebDAV or SMB share to exploit this issue.
A general exploit technique has been documented by TheLeader and H.D. Moore for the Metasploit Project; please see the references for more information.
References: