cvelistv5 - cve-2016-4815

cve-2016-4815

Vulnerability from cvelistv5

Published

2016-06-19 01:00

Modified

2024-08-06 00:39

Severity ?

Summary

References

URL	Tags
vultures@jpcert.or.jp	http://buffalo.jp/support_s/s20160527b.html	Patch, Vendor Advisory
vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN81698369/index.html	Vendor Advisory
vultures@jpcert.or.jp	http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://buffalo.jp/support_s/s20160527b.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN81698369/index.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086	Vendor Advisory

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:39:26.205Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JVN#81698369",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN81698369/index.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://buffalo.jp/support_s/s20160527b.html"
          },
          {
            "name": "JVNDB-2016-000086",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-06-19T01:57:01",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "name": "JVN#81698369",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN81698369/index.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://buffalo.jp/support_s/s20160527b.html"
        },
        {
          "name": "JVNDB-2016-000086",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-4815",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVN#81698369",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN81698369/index.html"
            },
            {
              "name": "http://buffalo.jp/support_s/s20160527b.html",
              "refsource": "CONFIRM",
              "url": "http://buffalo.jp/support_s/s20160527b.html"
            },
            {
              "name": "JVNDB-2016-000086",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2016-4815",
    "datePublished": "2016-06-19T01:00:00",
    "dateReserved": "2016-05-17T00:00:00",
    "dateUpdated": "2024-08-06T00:39:26.205Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-4815\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2016-06-19T01:59:10.030\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de salto de directorio en dispositivos BUFFALO WZR-600DHP3 con firmware 2.16 y versiones anteriores y dispositivos WZR-S600DHP con firmware 2.16 y versiones anteriores permite a atacantes remotos leer archivos arbitrarios a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"247B99DF-EE96-40C3-89FC-706DE878ABFE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-900dhp2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.16\",\"matchCriteriaId\":\"69F8C9DD-2F18-4A53-83B6-28203376C5F1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"303225E6-81C0-4A2F-81A3-51E508DDA0EE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-600dhp3_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.16\",\"matchCriteriaId\":\"D7A7ED42-5F7F-4597-BE1F-4CA63EDC5069\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7C186F6-8DE5-4C82-8403-D3BB76069FCE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-s900dhp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.16\",\"matchCriteriaId\":\"05D10EE2-C4A9-42D0-9861-4E91FBF22327\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75434B7A-2633-4981-B99D-33448883BC61\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-s600dhp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.16\",\"matchCriteriaId\":\"59915998-08D7-4FFC-B240-09F8EA216B1E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8BD47F3-29D0-4B34-A346-C0042FBD75ED\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-900dhp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.11\",\"matchCriteriaId\":\"F0D917DA-1562-471B-97AF-81C4E58E4CD8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9271B665-2267-4C24-92FD-B1CBCB2F0F59\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-600dhp2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.13\",\"matchCriteriaId\":\"79ECCA31-34CB-4B1E-931C-752AB6E6CAD8\"}]}]}],\"references\":[{\"url\":\"http://buffalo.jp/support_s/s20160527b.html\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://jvn.jp/en/jp/JVN81698369/index.html\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://buffalo.jp/support_s/s20160527b.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://jvn.jp/en/jp/JVN81698369/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

gsd-2016-4815

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-4815

Aliases

CVE-2016-4815

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-4815",
    "description": "Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.",
    "id": "GSD-2016-4815"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-4815"
      ],
      "details": "Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.",
      "id": "GSD-2016-4815",
      "modified": "2023-12-13T01:21:18.316321Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2016-4815",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "JVN#81698369",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN81698369/index.html"
          },
          {
            "name": "http://buffalo.jp/support_s/s20160527b.html",
            "refsource": "CONFIRM",
            "url": "http://buffalo.jp/support_s/s20160527b.html"
          },
          {
            "name": "JVNDB-2016-000086",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:buffalo:wzr-900dhp2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.16",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:buffalo:wzr-600dhp3_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.16",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:buffalo:wzr-s900dhp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.16",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:buffalo:wzr-s600dhp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.16",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:buffalo:wzr-900dhp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.11",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:buffalo:wzr-600dhp2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.13",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2016-4815"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://buffalo.jp/support_s/s20160527b.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://buffalo.jp/support_s/s20160527b.html"
            },
            {
              "name": "JVNDB-2016-000086",
              "refsource": "JVNDB",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086"
            },
            {
              "name": "JVN#81698369",
              "refsource": "JVN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://jvn.jp/en/jp/JVN81698369/index.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2016-06-21T13:04Z",
      "publishedDate": "2016-06-19T01:59Z"
    }
  }
}

ghsa-5f7h-72v6-mhp9

Vulnerability from github

Published

2022-05-17 03:53

Modified

2022-05-17 03:53

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-4815"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-06-19T01:59:00Z",
    "severity": "HIGH"
  },
  "details": "Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.",
  "id": "GHSA-5f7h-72v6-mhp9",
  "modified": "2022-05-17T03:53:05Z",
  "published": "2022-05-17T03:53:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4815"
    },
    {
      "type": "WEB",
      "url": "http://buffalo.jp/support_s/s20160527b.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN81698369/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000086"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

cve-2016-4815

Vulnerability from jvndb

Published

2016-05-27 13:53

Modified

2016-06-27 14:58

Severity ?

6.5 (Medium) - cvssV3_0 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

Multiple Buffalo wireless LAN routers vulnerable to directory traversal

Details

Multiple wireless LAN routers provided by BUFFALO INC. contain a directory traversal vulnerability (CWE-22). Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

▼	Type	URL
	JVN	http://jvn.jp/en/jp/JVN81698369/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4815
	NVD	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4815
	Path Traversal(CWE-22)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	BUFFALO INC.	WZR-600DHP3 firmware
	BUFFALO INC.	WZR-S600DHP firmware

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000086.html",
  "dc:date": "2016-06-27T14:58+09:00",
  "dcterms:issued": "2016-05-27T13:53+09:00",
  "dcterms:modified": "2016-06-27T14:58+09:00",
  "description": "Multiple wireless LAN routers provided by BUFFALO INC. contain a directory traversal vulnerability (CWE-22).\r\n\r\nToshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000086.html",
  "sec:cpe": [
    {
      "#text": "cpe:/o:buffalo_inc:wzr-600dhp3_firmware",
      "@product": "WZR-600DHP3 firmware",
      "@vendor": "BUFFALO INC.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:buffalo_inc:wzr-s600dhp_firmware",
      "@product": "WZR-S600DHP firmware",
      "@vendor": "BUFFALO INC.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": [
    {
      "@score": "3.3",
      "@severity": "Low",
      "@type": "Base",
      "@vector": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
      "@version": "2.0"
    },
    {
      "@score": "6.5",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2016-000086",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN81698369/index.html",
      "@id": "JVN#81698369",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4815",
      "@id": "CVE-2016-4815",
      "@source": "CVE"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4815",
      "@id": "CVE-2016-4815",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-22",
      "@title": "Path Traversal(CWE-22)"
    }
  ],
  "title": "Multiple Buffalo wireless LAN routers vulnerable to directory traversal"
}

var-201606-0174

Vulnerability from variot

Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors. Multiple wireless LAN routers provided by BUFFALO INC. contain a directory traversal vulnerability (CWE-22). Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Arbitrary files on the server may be viewed by an attacker who can access the product. An attacker could exploit this vulnerability to read any file on the server. Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve arbitrary files from the affected system in the context of the application. Information obtained could aid in further attacks. The following versions are affected: WZR-S600DHP firmware version 2.16 and prior. WZR-600DHP3 firmware version 2.16 and prior

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201606-0174",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wzr-600dhp3",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "buffalo",
        "version": "2.16"
      },
      {
        "model": "wzr-900dhp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "buffalo",
        "version": "1.11"
      },
      {
        "model": "wzr-600dhp2",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "buffalo",
        "version": "1.13"
      },
      {
        "model": "wzr-s600dhp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "buffalo",
        "version": "2.16"
      },
      {
        "model": "wzr-s900dhp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "buffalo",
        "version": "2.16"
      },
      {
        "model": "wzr-900dhp2",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "buffalo",
        "version": "2.16"
      },
      {
        "model": "wzr-600dhp3",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "buffalo",
        "version": "ver.2.16"
      },
      {
        "model": "wzr-s600dhp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "buffalo",
        "version": "ver.2.16"
      },
      {
        "model": "wzr-600dhp3 \u003c=ver.2.16",
        "scope": null,
        "trust": 0.6,
        "vendor": "buffalo",
        "version": null
      },
      {
        "model": "wzr-s600dhp \u003c=ver.2.16",
        "scope": null,
        "trust": 0.6,
        "vendor": "buffalo",
        "version": null
      },
      {
        "model": "wzr-900dhp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "buffalo",
        "version": null
      },
      {
        "model": "wzr-s600dhp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "buffalo",
        "version": null
      },
      {
        "model": "wzr-600dhp3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "buffalo",
        "version": null
      },
      {
        "model": "wzr-900dhp2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "buffalo",
        "version": null
      },
      {
        "model": "wzr-600dhp2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "buffalo",
        "version": null
      },
      {
        "model": "wzr-s900dhp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "buffalo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4815"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:buffalo_inc:wzr-600dhp3_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:buffalo_inc:wzr-s600dhp_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc.",
    "sources": [
      {
        "db": "BID",
        "id": "90903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2016-4815",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2016-4815",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Adjacent Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 3.3,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2016-000086",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2016-03693",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-93634",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2016-4815",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2016-000086",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-4815",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2016-000086",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-03693",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201605-675",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-93634",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "db": "VULHUB",
        "id": "VHN-93634"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4815"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors. Multiple wireless LAN routers provided by BUFFALO INC. contain a directory traversal vulnerability (CWE-22). Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Arbitrary files on the server may be viewed by an attacker who can access the product. An attacker could exploit this vulnerability to read any file on the server. \nRemote attackers may use a specially crafted request with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files from the affected system in the context of the application. Information obtained could aid in further attacks. \nThe following versions are affected:\nWZR-S600DHP firmware version 2.16 and prior. \nWZR-600DHP3 firmware version 2.16 and prior",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-4815"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "db": "BID",
        "id": "90903"
      },
      {
        "db": "VULHUB",
        "id": "VHN-93634"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-4815",
        "trust": 3.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086",
        "trust": 3.1
      },
      {
        "db": "JVN",
        "id": "JVN81698369",
        "trust": 3.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "90903",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-93634",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "db": "VULHUB",
        "id": "VHN-93634"
      },
      {
        "db": "BID",
        "id": "90903"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4815"
      }
    ]
  },
  "id": "VAR-201606-0174",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "db": "VULHUB",
        "id": "VHN-93634"
      }
    ],
    "trust": 1.1614087325
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      }
    ]
  },
  "last_update_date": "2024-08-14T14:52:11.143000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "BUFFALO INC. website",
        "trust": 0.8,
        "url": "http://buffalo.jp/support_s/s20160527b.html"
      },
      {
        "title": "BuffaloWZR-S600DHP and WZR-600DHP3 Directory Traversal Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/76686"
      },
      {
        "title": "Buffalo WZR-S600DHP  and WZR-600DHP3 Fixes for directory traversal vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61985"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93634"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4815"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://jvn.jp/en/jp/jvn81698369/index.html"
      },
      {
        "trust": 2.3,
        "url": "http://jvndb.jvn.jp/jvndb/jvndb-2016-000086"
      },
      {
        "trust": 1.7,
        "url": "http://buffalo.jp/support_s/s20160527b.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4815"
      },
      {
        "trust": 0.8,
        "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4815"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "db": "VULHUB",
        "id": "VHN-93634"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4815"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "db": "VULHUB",
        "id": "VHN-93634"
      },
      {
        "db": "BID",
        "id": "90903"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4815"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "date": "2016-06-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-93634"
      },
      {
        "date": "2016-05-27T00:00:00",
        "db": "BID",
        "id": "90903"
      },
      {
        "date": "2016-05-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "date": "2016-05-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      },
      {
        "date": "2016-06-19T01:59:10.030000",
        "db": "NVD",
        "id": "CVE-2016-4815"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-03693"
      },
      {
        "date": "2016-06-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-93634"
      },
      {
        "date": "2016-05-27T00:00:00",
        "db": "BID",
        "id": "90903"
      },
      {
        "date": "2016-06-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      },
      {
        "date": "2016-06-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      },
      {
        "date": "2016-06-21T13:04:02.330000",
        "db": "NVD",
        "id": "CVE-2016-4815"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple Buffalo wireless LAN routers vulnerable to directory traversal",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-000086"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-675"
      }
    ],
    "trust": 0.6
  }
}

Action not permitted

cve-2016-4815

Vulnerability from cvelistv5

gsd-2016-4815

Vulnerability from gsd

ghsa-5f7h-72v6-mhp9

Vulnerability from github

cve-2016-4815

Vulnerability from jvndb

var-201606-0174

Vulnerability from variot

Tags