Refine your search
2 vulnerabilities found for digital photo frame GH-WDF10A by GREEN HOUSE CO., LTD.
jvndb-2026-000042
Vulnerability from jvndb
Published
2026-03-26 17:41
Modified
2026-03-26 17:41
Severity ?
Summary
Digital Photo Frame GH-WDF10A vulnerable to improper access restriction
Details
Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains the following vulnerability.<a href='https://cwe.mitre.org/data/definitions/489.html' target='_blank'></a><ul><li>Active debug code (CWE-489) - CVE-2026-33201</li></ul>Koki Takase reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000042.html",
"dc:date": "2026-03-26T17:41+09:00",
"dcterms:issued": "2026-03-26T17:41+09:00",
"dcterms:modified": "2026-03-26T17:41+09:00",
"description": "Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains the following vulnerability.\u003ca href=\u0027https://cwe.mitre.org/data/definitions/489.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003cul\u003e\u003cli\u003eActive debug code (CWE-489) - CVE-2026-33201\u003c/li\u003e\u003c/ul\u003eKoki Takase reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000042.html",
"sec:cpe": {
"#text": "cpe:/a:misc:green_house_digital_photo_frame_gh-wdf10a",
"@product": "digital photo frame GH-WDF10A",
"@vendor": "GREEN HOUSE CO., LTD.",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2026-000042",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN18035227/index.html",
"@id": "JVN#18035227",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-33201",
"@id": "CVE-2026-33201",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Digital Photo Frame GH-WDF10A vulnerable to improper access restriction"
}
CVE-2026-33201 (GCVE-0-2026-33201)
Vulnerability from cvelistv5
Published
2026-03-26 04:18
Modified
2026-03-26 13:55
Severity ?
6.8 (Medium) - CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.0 (High) - CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-489 - Active debug code
Summary
Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains an active debug code vulnerability. If this vulnerability is exploited, files or configurations on the affected device may be read or written, or arbitrary files may be executed with root privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| GREEN HOUSE CO., LTD. | Digital Photo Frame GH-WDF10A |
Version: all versions |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33201",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-26T13:55:13.143693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-26T13:55:23.959Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Digital Photo Frame GH-WDF10A",
"vendor": "GREEN HOUSE CO., LTD.",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains an active debug code vulnerability. If this vulnerability is exploited, files or configurations on the affected device may be read or written, or arbitrary files may be executed with root privileges."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "Active debug code",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-26T04:18:57.635Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.green-house.co.jp/note/info_gh-wdf10a/"
},
{
"url": "https://jvn.jp/en/jp/JVN18035227/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-33201",
"datePublished": "2026-03-26T04:18:57.635Z",
"dateReserved": "2026-03-17T23:23:26.571Z",
"dateUpdated": "2026-03-26T13:55:23.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}