659 matches found
Multiple vulnerabilities in multiple Buffalo wireless LAN routers
Overview WMR-433 and WMR-433W provided by BUFFALO INC. are wireless LAN routers. WMR-433 and WMR-433W contain multiple vulnerabilities listed below. Cross-site Request Forgery CWE-352 - CVE-2017-2273 Reflected Cross-site Scripting CWE-79 - CVE-2017-2274 Manabu Kobayashi reported this vulnerabilit...
Multiple Buffalo wireless LAN access point devices do not properly perform authentication
Overview WAPM-1166D and WAPM-APG600H provided by BUFFALO INC. are wireless LAN access point devices. WAPM-1166D and WAPM-APG600H do not properly perform authentication CWE-287. SASABE Tetsuro of The University of Tokyo reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...
BUFFALO WAPM-1166D and WAPM-APG600H Cross-Site Scripting Vulnerabilities
The BUFFALO WAPM-1166D and WAPM-APG600H are both wireless LAN access point devices from BUFFALO Japan. A cross-site scripting vulnerability exists in the WMR-433 using firmware version 1.02 and earlier and the WMR-433W using firmware version 1.40 and earlier. A remote attacker can exploit this...
BUFFALO WAPM-1166D and WAPM-APG600H Cross-Site Request Forgery Vulnerabilities
The BUFFALO WAPM-1166D and WAPM-APG600H are both wireless LAN access point devices from BUFFALO Japan. A cross-site request forgery vulnerability exists in the WMR-433 using firmware version 1.02 and earlier and the WMR-433W using firmware version 1.40 and earlier. A remote attacker could exploit...
JVN#48413726: Multiple vulnerabilities in multiple Buffalo wireless LAN routers
WMR-433 and WMR-433W provided by BUFFALO INC. are wireless LAN routers. WMR-433 and WMR-433W contain multiple vulnerabilities listed below. Cross-site Request Forgery CWE-352 - CVE-2017-2273 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L| Base Score: 4.3...
BUFFALO WAPM-1166D and WAPM-APG600H Authentication Bypass Vulnerabilities
The BUFFALO WAPM-1166D and WAPM-APG600H are both wireless LAN access point devices from BUFFALO Japan. A security vulnerability exists in the WAPM-1166D using firmware version 1.2.7 and earlier and the WAPM-APG600H using firmware version 1.16.1 and earlier. A remote attacker can exploit this...
JVN#48823557: Multiple Buffalo wireless LAN access point devices do not properly perform authentication
WAPM-1166D and WAPM-APG600H provided by BUFFALO INC. are wireless LAN access point devices. WAPM-1166D and WAPM-APG600H do not properly perform authentication CWE-287. Impact An attacker who can access the device may log in via telnet without authentication and access the configuration interface ...
CVE-2016-7825
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands...
CVE-2016-7824
Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors...
CVE-2016-7824
Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors...
CVE-2016-7826
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests...
CVE-2016-7826
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests...
CVE-2016-7822
Cross-site request forgery CSRF vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors...
CVE-2016-7821
Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors...
CVE-2016-7821
Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors...
Cross site scripting
Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...
Authentication flaw
Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors...
CVE-2016-7822
Cross-site request forgery CSRF vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors...
CVE-2016-7823
Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...