Wnc01wh Firmware
by Buffalotech
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-7824 | Hig | 0.57 | 8.8 | 0.01 | Jun 9, 2017 | Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors. | |
| CVE-2016-7822 | Hig | 0.57 | 8.8 | 0.00 | Jun 9, 2017 | Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors. | |
| CVE-2016-7826 | Med | 0.43 | 6.5 | 0.04 | Jun 9, 2017 | Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests. | |
| CVE-2016-7825 | Med | 0.43 | 6.5 | 0.04 | Jun 9, 2017 | Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands. | |
| CVE-2016-7821 | Med | 0.42 | 6.5 | 0.01 | Jun 9, 2017 | Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors. | |
| CVE-2016-7823 | Med | 0.28 | 4.3 | 0.00 | Jun 9, 2017 | Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. |