Directory Traversal Vulnerability in Buffalo WNC01WH Devices
CVE-2016-7825

6.5MEDIUM

Key Information:

Vendor

Buffalo Inc.

Status
Wnc01wh
Vendor
CVE Published:
9 June 2017

What is CVE-2016-7825?

A directory traversal vulnerability exists in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier. This flaw allows authenticated attackers to execute specially crafted commands, potentially enabling them to read arbitrary files on the device. Successful exploitation could lead to unauthorized access to sensitive information, impacting the overall security of affected systems. Regular firmware updates and security best practices are crucial to mitigating the risks associated with this vulnerability.

Affected Version(s)

WNC01WH firmware version 1.0.0.8 and earlier

References

https://jvn.jp/en/jp/JVN40613060/index.html
third-party-advisoryx_refsource_JVN
http://buffalo.jp/support_s/s20161201.html
x_refsource_CONFIRM
http://www.securityfocus.com/bid/94648
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.