Vulnerability Description
Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file permissions vulnerability that allows authenticated attackers to read the /etc/shadow file by uploading and executing a PHP file through the webserver. Attackers can exploit world-readable permissions on /etc/shadow to retrieve hashed passwords for all configured accounts including root.
CVSS Score
4.9 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Buffaloamericas | Terastation Nas Ts5400R Firmware | <= 4.02-0.06 |
| Buffaloamericas | Terastation Nas Ts5400R | - |
References
- https://buffaloamericas.com/Product
- https://www.vulncheck.com/advisories/buffalo-terastation-ts5400r-excessive-file- (Third Party Advisory)
FAQ
What is CVE-2026-29516?
CVE-2026-29516 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file permissions vulnerability that allows authenticated attackers to read the /etc/shadow file by uploading a...
How severe is CVE-2026-29516?
CVE-2026-29516 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2026-29516?
Check the references section above for vendor advisories and patch information. Affected products include: Buffaloamericas Terastation Nas Ts5400R Firmware, Buffaloamericas Terastation Nas Ts5400R.