CVE-2016-4816

MEDIUM

Buffalo Wzr-600dhp3 Firmware < 2.16 - Information Disclosure

Title source: rule

Description

BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors.

References (3)

[Patch, Vendor Advisory] http://buffalo.jp/support_s/s20160527a.html

[Vendor Advisory] http://jvn.jp/en/jp/JVN75813272/index.html

[Vendor Advisory] http://jvndb.jvn.jp/jvndb/JVNDB-2016-000087

Scores

CVSS v3 6.5

EPSS 0.0038

EPSS Percentile 58.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Classification

CWE

CWE-200

Status draft

Affected Products (34)

buffalo/wzr-600dhp3_firmware < 2.16

buffalo/hw-450hp-zwe_firmware < 1.91

buffalo/wzr-hp-g450h_firmware < 1.87

buffalo/wzr-450hp_firmware < 1.97

buffalo/wzr-900dhp2_firmware < 2.16

buffalo/wcr-300_firmware < 1.86

buffalo/wzr-450hp-cwt_firmware < 1.92

buffalo/wzr-hp-g301nh_firmware < 1.81

buffalo/wxr-1750dhp_firmware < 2.42

buffalo/wzr-600dhp_firmware

buffalo/wzr-1750dhp_firmware < 2.28

buffalo/wzr-s1750dhp_firmware < 2.28

buffalo/whr-300_firmware < 1.96

buffalo/wzr-s600dhp_firmware < 2.16

buffalo/wzr-hp-g302h_firmware < 1.83

... and 19 more

Timeline

Published Jun 19, 2016

Tracked Since Feb 18, 2026