Vulnerabilities > Buffalotech > Wnc01Wh

DATE CVE VULNERABILITY TITLE RISK
2017-06-09 CVE-2016-7826 Path Traversal vulnerability in Buffalotech Wnc01Wh Firmware
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.
network
low complexity
buffalotech CWE-22
4.0
2017-06-09 CVE-2016-7825 Path Traversal vulnerability in Buffalotech Wnc01Wh Firmware
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.
network
low complexity
buffalotech CWE-22
4.0
2017-06-09 CVE-2016-7824 Improper Access Control vulnerability in Buffalotech Wnc01Wh Firmware
Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors.
network
low complexity
buffalotech CWE-284
6.5
2017-06-09 CVE-2016-7823 Cross-site Scripting vulnerability in Buffalotech Wnc01Wh Firmware
Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
2.3
2017-06-09 CVE-2016-7822 Cross-Site Request Forgery (CSRF) vulnerability in Buffalotech Wnc01Wh Firmware
Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors.
6.8
2017-06-09 CVE-2016-7821 Improper Input Validation vulnerability in Buffalotech Wnc01Wh Firmware
Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors.
4.3