Vulnerability Description
Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Buffalo | Wzr-900Dhp2 | - |
| Buffalo | Wzr-900Dhp2 Firmware | <= 2.16 |
| Buffalo | Wzr-600Dhp3 | - |
| Buffalo | Wzr-600Dhp3 Firmware | <= 2.16 |
| Buffalo | Wzr-S900Dhp | - |
| Buffalo | Wzr-S900Dhp Firmware | <= 2.16 |
| Buffalo | Wzr-S600Dhp | - |
| Buffalo | Wzr-S600Dhp Firmware | <= 2.16 |
| Buffalo | Wzr-900Dhp | - |
| Buffalo | Wzr-900Dhp Firmware | <= 1.11 |
| Buffalo | Wzr-600Dhp2 | - |
| Buffalo | Wzr-600Dhp2 Firmware | <= 1.13 |
Related Weaknesses (CWE)
References
- http://buffalo.jp/support_s/s20160527b.htmlPatchVendor Advisory
- http://jvn.jp/en/jp/JVN81698369/index.htmlVendor Advisory
- http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086Vendor Advisory
- http://buffalo.jp/support_s/s20160527b.htmlPatchVendor Advisory
- http://jvn.jp/en/jp/JVN81698369/index.htmlVendor Advisory
- http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086Vendor Advisory
FAQ
What is CVE-2016-4815?
CVE-2016-4815 is a vulnerability with a CVSS score of 7.5 (HIGH). Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files v...
How severe is CVE-2016-4815?
CVE-2016-4815 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-4815?
Check the references section above for vendor advisories and patch information. Affected products include: Buffalo Wzr-900Dhp2, Buffalo Wzr-900Dhp2 Firmware, Buffalo Wzr-600Dhp3, Buffalo Wzr-600Dhp3 Firmware, Buffalo Wzr-S900Dhp.