CVE-2016-7825

MEDIUM

Buffalo WNC01WH Firmware <= 1.0.0.8 - Authenticated Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry third-party-advisory x_refsource_jvn
https://jvn.jp/en/jp/JVN40613060/index.html
Third Party Advisory, VDB Entry x_refsource_confirm
http://buffalo.jp/support_s/s20161201.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94648

Scores

CVSS v3 6.5
EPSS 0.0222
EPSS Percentile 80.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (2)
BUFFALO INC./WNC01WH firmware version 1.0.0.8 and earlier
buffalotech/wnc01wh_firmware < 1.0.0.8
Published Jun 09, 2017
Tracked Since Feb 18, 2026