Vulnerabilities > Buffalotech > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-09 | CVE-2016-7824 | Improper Access Control vulnerability in Buffalotech Wnc01Wh Firmware 1.0.0.8 Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors. | 8.8 |
| 2017-06-09 | CVE-2016-7822 | Cross-Site Request Forgery (CSRF) vulnerability in Buffalotech Wnc01Wh Firmware 1.0.0.8 Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors. | 8.8 |
| 2016-01-22 | CVE-2016-1134 | Cross-Site Request Forgery (CSRF) vulnerability in Buffalotech products Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices with firmware 1.90 and earlier, WMR-300 devices with firmware 1.90 and earlier, WMR-433 devices with firmware 1.01 and earlier, and WSR-1166DHP devices with firmware 1.01 and earlier allows remote attackers to hijack the authentication of arbitrary users. | 8.8 |