Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for wnc01wh_firmware by buffalotech

    CVE-2016-7826 (GCVE-0-2016-7826)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.
    Severity
    No CVSS data available.
    CWE
    • Directory traversal
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.025Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Directory traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7826",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Directory traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7826",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7825 (GCVE-0-2016-7825)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.
    Severity
    No CVSS data available.
    CWE
    • Directory traversal
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.054Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Directory traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7825",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Directory traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7825",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.054Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7824 (GCVE-0-2016-7824)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Fails to restrict access
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.104Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to restrict access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7824",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to restrict access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7824",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.104Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7823 (GCVE-0-2016-7823)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.055Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7823",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7823",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7822 (GCVE-0-2016-7822)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Cross-site request forgery
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.103Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site request forgery",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7822",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site request forgery"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7822",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.103Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7821 (GCVE-0-2016-7821)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Denial-of-service (DoS)
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.024Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial-of-service (DoS)",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7821",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial-of-service (DoS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7821",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7823 (GCVE-0-2016-7823)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.055Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7823",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7823",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7824 (GCVE-0-2016-7824)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Fails to restrict access
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.104Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to restrict access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7824",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to restrict access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7824",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.104Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7825 (GCVE-0-2016-7825)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.
    Severity
    No CVSS data available.
    CWE
    • Directory traversal
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.054Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Directory traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7825",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Directory traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7825",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.054Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7822 (GCVE-0-2016-7822)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Cross-site request forgery
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.103Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site request forgery",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7822",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site request forgery"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7822",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.103Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7821 (GCVE-0-2016-7821)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Denial-of-service (DoS)
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.024Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial-of-service (DoS)",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7821",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial-of-service (DoS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7821",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7826 (GCVE-0-2016-7826)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.
    Severity
    No CVSS data available.
    CWE
    • Directory traversal
    Assigner
    References
    URL Tags
    https://jvn.jp/en/jp/JVN40613060/index.html third-party-advisoryx_refsource_JVN
    http://buffalo.jp/support_s/s20161201.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/94648 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    BUFFALO INC. WNC01WH Affected: firmware version 1.0.0.8 and earlier
    Create a notification for this product.
    Date Public
    2016-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.025Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#40613060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://buffalo.jp/support_s/s20161201.html"
              },
              {
                "name": "94648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WNC01WH",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.0.0.8 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Directory traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#40613060",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://buffalo.jp/support_s/s20161201.html"
            },
            {
              "name": "94648",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7826",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WNC01WH",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "firmware version 1.0.0.8 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "BUFFALO INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Directory traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#40613060",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN40613060/index.html"
                },
                {
                  "name": "http://buffalo.jp/support_s/s20161201.html",
                  "refsource": "CONFIRM",
                  "url": "http://buffalo.jp/support_s/s20161201.html"
                },
                {
                  "name": "94648",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7826",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }