Published:2026/03/26 Last Updated:2026/03/26
JVN#18035227
Digital Photo Frame GH-WDF10A vulnerable to improper access restriction
Overview
Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains an improper access restriction vulnerability.
Products Affected
- Digital Photo Frame GH-WDF10A all versions
Description
Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains the following vulnerability.
- Active debug code (CWE-489)
- CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 7.0
- CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 6.8
- CVE-2026-33201
Impact
Files or configurations on the affected device may be read or written, or arbitrary files may be executed with root privileges.
Solution
Update the Firmware
Update the firmware to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| GREEN HOUSE CO., LTD. | Important Notice on Digital Photo Frame GH-WDF10A (Text in Japanese) |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Koki Takase reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2026-33201 |
| JVN iPedia |
JVNDB-2026-000042 |