Lucene search
+L

659 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/20 5:13 a.m.7 views

Multiple vulnerabilities in multiple Buffalo wireless LAN routers

Overview WMR-433 and WMR-433W provided by BUFFALO INC. are wireless LAN routers. WMR-433 and WMR-433W contain multiple vulnerabilities listed below. Cross-site Request Forgery CWE-352 - CVE-2017-2273 Reflected Cross-site Scripting CWE-79 - CVE-2017-2274 Manabu Kobayashi reported this vulnerabilit...

8.8CVSS6.7AI score0.0085EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/20 5:12 a.m.7 views

Multiple Buffalo wireless LAN access point devices do not properly perform authentication

Overview WAPM-1166D and WAPM-APG600H provided by BUFFALO INC. are wireless LAN access point devices. WAPM-1166D and WAPM-APG600H do not properly perform authentication CWE-287. SASABE Tetsuro of The University of Tokyo reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

10CVSS6.8AI score0.0402EPSS
Exploits0References5
CNVD
CNVD
added 2017/07/20 12:0 a.m.7 views

BUFFALO WAPM-1166D and WAPM-APG600H Cross-Site Scripting Vulnerabilities

The BUFFALO WAPM-1166D and WAPM-APG600H are both wireless LAN access point devices from BUFFALO Japan. A cross-site scripting vulnerability exists in the WMR-433 using firmware version 1.02 and earlier and the WMR-433W using firmware version 1.40 and earlier. A remote attacker can exploit this...

6.1CVSS6.3AI score0.0085EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/20 12:0 a.m.7 views

BUFFALO WAPM-1166D and WAPM-APG600H Cross-Site Request Forgery Vulnerabilities

The BUFFALO WAPM-1166D and WAPM-APG600H are both wireless LAN access point devices from BUFFALO Japan. A cross-site request forgery vulnerability exists in the WMR-433 using firmware version 1.02 and earlier and the WMR-433W using firmware version 1.40 and earlier. A remote attacker could exploit...

8.8CVSS8.8AI score0.00774EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/20 12:0 a.m.73 views

JVN#48413726: Multiple vulnerabilities in multiple Buffalo wireless LAN routers

WMR-433 and WMR-433W provided by BUFFALO INC. are wireless LAN routers. WMR-433 and WMR-433W contain multiple vulnerabilities listed below. Cross-site Request Forgery CWE-352 - CVE-2017-2273 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L| Base Score: 4.3...

8.8CVSS7.4AI score0.0085EPSS
Exploits0
CNVD
CNVD
added 2017/07/20 12:0 a.m.5 views

BUFFALO WAPM-1166D and WAPM-APG600H Authentication Bypass Vulnerabilities

The BUFFALO WAPM-1166D and WAPM-APG600H are both wireless LAN access point devices from BUFFALO Japan. A security vulnerability exists in the WAPM-1166D using firmware version 1.2.7 and earlier and the WAPM-APG600H using firmware version 1.16.1 and earlier. A remote attacker can exploit this...

10CVSS9.7AI score0.0402EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/20 12:0 a.m.53 views

JVN#48823557: Multiple Buffalo wireless LAN access point devices do not properly perform authentication

WAPM-1166D and WAPM-APG600H provided by BUFFALO INC. are wireless LAN access point devices. WAPM-1166D and WAPM-APG600H do not properly perform authentication CWE-287. Impact An attacker who can access the device may log in via telnet without authentication and access the configuration interface ...

10CVSS9.5AI score0.0402EPSS
Exploits0
NVD
NVD
added 2017/06/09 4:29 p.m.10 views

CVE-2016-7825

Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands...

6.5CVSS6.4AI score0.02219EPSS
Exploits0References3
NVD
NVD
added 2017/06/09 4:29 p.m.18 views

CVE-2016-7824

Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors...

8.8CVSS8.5AI score0.01578EPSS
Exploits0References3
OSV
OSV
added 2017/06/09 4:29 p.m.4 views

CVE-2016-7824

Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors...

8.8CVSS5.8AI score0.01578EPSS
Exploits0References3
OSV
OSV
added 2017/06/09 4:29 p.m.5 views

CVE-2016-7826

Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests...

6.5CVSS5.9AI score0.02219EPSS
Exploits0References3
NVD
NVD
added 2017/06/09 4:29 p.m.15 views

CVE-2016-7826

Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests...

6.5CVSS6.4AI score0.02219EPSS
Exploits0References3
NVD
NVD
added 2017/06/09 4:29 p.m.16 views

CVE-2016-7822

Cross-site request forgery CSRF vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors...

8.8CVSS8.9AI score0.00977EPSS
Exploits0References3
OSV
OSV
added 2017/06/09 4:29 p.m.4 views

CVE-2016-7821

Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors...

6.5CVSS5.8AI score
Exploits0References3
NVD
NVD
added 2017/06/09 4:29 p.m.14 views

CVE-2016-7821

Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors...

6.5CVSS6.5AI score0.0175EPSS
Exploits0References3
Prion
Prion
added 2017/06/09 4:29 p.m.18 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors...

6.8CVSS7.8AI score0.00977EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/06/09 4:29 p.m.12 views

Cross site scripting

Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

2.3CVSS6.3AI score0.0048EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/06/09 4:29 p.m.11 views

Authentication flaw

Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors...

6.5CVSS7AI score0.01578EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/06/09 4:29 p.m.3 views

CVE-2016-7822

Cross-site request forgery CSRF vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors...

8.8CVSS5.8AI score0.00977EPSS
Exploits0References3
NVD
NVD
added 2017/06/09 4:29 p.m.16 views

CVE-2016-7823

Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS4.4AI score0.0048EPSS
Exploits0References3
Rows per page
Query Builder