CVE-2016-7807

Опубликовано: 09 июн. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors.

Ссылки

http://www.iodata.jp/support/information/2016/wfs-sr01/
Patch
Vendor Advisory
http://www.securityfocus.com/bid/94089
Third Party Advisory
VDB Entry
https://jvn.jp/en/jp/JVN18228200/index.html
Third Party Advisory
VDB Entry
http://www.iodata.jp/support/information/2016/wfs-sr01/
Patch
Vendor Advisory
http://www.securityfocus.com/bid/94089
Third Party Advisory
VDB Entry
https://jvn.jp/en/jp/JVN18228200/index.html
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:iodata:wfs-sr01_firmware:*:*:*:*:*:*:*:*

Версия до 1.10 (включая)

cpe:2.3:h:iodata:wfs-sr01:-:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00752

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-46jq-fg29-4xmw