Sign-up

ID

VAR-201601-0400


CVE

CVE-2016-1135


TITLE

Multiple Buffalo network devices vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2016-000006

DESCRIPTION

Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices with firmware 1.90 and earlier, WMR-300 devices with firmware 1.90 and earlier, WMR-433 devices with firmware 1.01 and earlier, and WSR-1166DHP devices with firmware 1.01 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Multiple network devices provided by BUFFALO INC. contain a cross-site scripting vulnerability. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An arbitrary script may be executed on the logged in user's web browser. Buffalo is the wireless router product of the Buffalo Group. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Buffalo BHR-4GRV2 etc

Trust: 2.52

sources: NVD: CVE-2016-1135 // JVNDB: JVNDB-2016-000006 // CNVD: CNVD-2016-00707 // BID: 81548 // VULHUB: VHN-89954

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-00707

AFFECTED PRODUCTS

vendor:buffalotechmodel:whr-300hp2scope:eqversion:1.90

Trust: 1.0

vendor:buffalotechmodel:whr-600dscope:eqversion:1.90

Trust: 1.0

vendor:buffalotechmodel:wsr-1166dhpscope:eqversion:1.01

Trust: 1.0

vendor:buffalotechmodel:wex-300scope:eqversion:1.90

Trust: 1.0

vendor:buffalotechmodel:wmr-433scope:eqversion:1.01

Trust: 1.0

vendor:buffalotechmodel:whr-1166dhpscope:eqversion:1.90

Trust: 1.0

vendor:buffalotechmodel:wmr-300scope:eqversion:1.90

Trust: 1.0

vendor:buffalotechmodel:bhr-4grv2scope:eqversion:1.04

Trust: 1.0

vendor:buffalomodel:bhr-4grv2scope:lteversion:ver.1.04

Trust: 0.8

vendor:buffalomodel:wex-300scope:lteversion:ver.1.90

Trust: 0.8

vendor:buffalomodel:whr-1166dhpscope:lteversion:ver.1.90

Trust: 0.8

vendor:buffalomodel:whr-300hp2scope:lteversion:ver.1.90

Trust: 0.8

vendor:buffalomodel:whr-600dscope:lteversion:ver.1.90

Trust: 0.8

vendor:buffalomodel:wmr-300scope:lteversion:ver.1.90

Trust: 0.8

vendor:buffalomodel:wmr-433scope:lteversion:ver.1.01

Trust: 0.8

vendor:buffalomodel:wsr-1166dhpscope:eqversion:ver.1.01

Trust: 0.8

vendor:buffalomodel:bhr-4grv2scope:lteversion:<=1.04

Trust: 0.6

vendor:buffalomodel:wex-300scope:lteversion:<=1.90

Trust: 0.6

vendor:buffalomodel:whr-1166dhpscope:lteversion:<=1.90

Trust: 0.6

vendor:buffalomodel:whr-300hp2scope:lteversion:<=1.90

Trust: 0.6

vendor:buffalomodel:whr-600dscope:lteversion:<=1.90

Trust: 0.6

vendor:buffalomodel:wmr-300scope:lteversion:<=1.90

Trust: 0.6

vendor:buffalomodel:wmr-433scope:lteversion:<=1.01

Trust: 0.6

vendor:buffalomodel:wsr-1166dhpscope:lteversion:<=1.01

Trust: 0.6

vendor:buffalotechmodel:whr-600dscope:eqversion: -

Trust: 0.6

vendor:buffalotechmodel:whr-300hp2scope:eqversion: -

Trust: 0.6

vendor:buffalotechmodel:wex-300scope:eqversion: -

Trust: 0.6

vendor:buffalotechmodel:whr-1166dhpscope:eqversion: -

Trust: 0.6

vendor:buffalotechmodel:wmr-300scope:eqversion: -

Trust: 0.6

vendor:buffalotechmodel:wsr-1166dhpscope:eqversion: -

Trust: 0.6

vendor:buffalotechmodel:wmr-433scope:eqversion: -

Trust: 0.6

vendor:buffalotechmodel:bhr-4grv2scope:eqversion: -

Trust: 0.6

vendor:buffalomodel:technology wsr-1166dhpscope:eqversion:1.01

Trust: 0.3

vendor:buffalomodel:technology wmr-300scope:eqversion:1.90

Trust: 0.3

vendor:buffalomodel:technology wmr-300scope:eqversion:1.60

Trust: 0.3

vendor:buffalomodel:technology whr-600dscope:eqversion:1.90

Trust: 0.3

vendor:buffalomodel:technology whr-600dscope:eqversion:1.80

Trust: 0.3

vendor:buffalomodel:technology whr-600dscope:eqversion:1.70

Trust: 0.3

vendor:buffalomodel:technology whr-600dscope:eqversion:1.60

Trust: 0.3

vendor:buffalomodel:technology whr-300hp2scope:eqversion:1.90

Trust: 0.3

vendor:buffalomodel:technology whr-300hp2scope:eqversion:1.80

Trust: 0.3

vendor:buffalomodel:technology whr-300hp2scope:eqversion:1.70

Trust: 0.3

vendor:buffalomodel:technology whr-300hp2scope:eqversion:1.60

Trust: 0.3

vendor:buffalomodel:technology whr-1166dhpscope:eqversion:1.90

Trust: 0.3

vendor:buffalomodel:technology whr-1166dhpscope:eqversion:1.80

Trust: 0.3

vendor:buffalomodel:technology whr-1166dhpscope:eqversion:1.70

Trust: 0.3

vendor:buffalomodel:technology whr-1166dhpscope:eqversion:1.60

Trust: 0.3

vendor:buffalomodel:technology wex-300scope:eqversion:1.90

Trust: 0.3

vendor:buffalomodel:technology wex-300scope:eqversion:1.60

Trust: 0.3

vendor:buffalomodel:technology bhr-4grv2scope:eqversion:1.04

Trust: 0.3

sources: CNVD: CNVD-2016-00707 // BID: 81548 // JVNDB: JVNDB-2016-000006 // CNNVD: CNNVD-201601-605 // NVD: CVE-2016-1135

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-1135
value: MEDIUM

Trust: 1.0

IPA: JVNDB-2016-000006
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2016-00707
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201601-605
value: MEDIUM

Trust: 0.6

VULHUB: VHN-89954
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-1135
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2016-000006
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2016-00707
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-89954
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-1135
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.0

IPA: JVNDB-2016-000006
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2016-00707 // VULHUB: VHN-89954 // JVNDB: JVNDB-2016-000006 // CNNVD: CNNVD-201601-605 // NVD: CVE-2016-1135

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-89954 // JVNDB: JVNDB-2016-000006 // NVD: CVE-2016-1135

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201601-605

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201601-605

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-000006

PATCH
title:BUFFALO INC. websiteurl:http://buffalo.jp/support_s/s20141030_2.html
Trust: 0.8
title:Patches for multiple Buffalo product cross-site scripting vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/70910
Trust: 0.6
title:Multiple Buffalo Fixes for product cross-site scripting vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59923
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-00707 // 
            
            
            
            JVNDB: JVNDB-2016-000006 // 
            
            
            
            CNNVD: CNNVD-201601-605

EXTERNAL IDS
db:NVDid:CVE-2016-1135
Trust: 3.4
db:JVNid:JVN49225722
Trust: 3.4
db:JVNDBid:JVNDB-2016-000006
Trust: 2.5
db:CNNVDid:CNNVD-201601-605
Trust: 0.7
db:CNVDid:CNVD-2016-00707
Trust: 0.6
db:BIDid:81548
Trust: 0.4
db:VULHUBid:VHN-89954
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-00707 // 
            
            
            
            VULHUB: VHN-89954 // 
            
            
            
            BID: 81548 // 
            
            
            
            JVNDB: JVNDB-2016-000006 // 
            
            
            
            CNNVD: CNNVD-201601-605 // 
            
            
            
            NVD: CVE-2016-1135

REFERENCES
url:http://jvn.jp/en/jp/jvn49225722/index.html
Trust: 3.4
url:http://jvndb.jvn.jp/jvndb/jvndb-2016-000006
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1135
Trust: 0.8
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1135
Trust: 0.8
url:http://www.buffalotech.com/products/wireless/wireless-n-routers-access-points/
Trust: 0.3
url:http://www.buffalotech.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2016-00707 // 
            
            
            
            VULHUB: VHN-89954 // 
            
            
            
            BID: 81548 // 
            
            
            
            JVNDB: JVNDB-2016-000006 // 
            
            
            
            CNNVD: CNNVD-201601-605 // 
            
            
            
            NVD: CVE-2016-1135

CREDITS
Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc.
Trust: 0.3
sources:
            
            
            BID: 81548

SOURCES
db:CNVDid:CNVD-2016-00707
db:VULHUBid:VHN-89954
db:BIDid:81548
db:JVNDBid:JVNDB-2016-000006
db:CNNVDid:CNNVD-201601-605
db:NVDid:CVE-2016-1135

LAST UPDATE DATE
2024-11-23T22:13:21.106000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-00707date:2016-01-29T00:00:00
db:VULHUBid:VHN-89954date:2016-03-11T00:00:00
db:BIDid:81548date:2016-01-22T00:00:00
db:JVNDBid:JVNDB-2016-000006date:2016-03-10T00:00:00
db:CNNVDid:CNNVD-201601-605date:2016-01-25T00:00:00
db:NVDid:CVE-2016-1135date:2024-11-21T02:45:50.013

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-00707date:2016-01-29T00:00:00
db:VULHUBid:VHN-89954date:2016-01-22T00:00:00
db:BIDid:81548date:2016-01-22T00:00:00
db:JVNDBid:JVNDB-2016-000006date:2016-01-22T00:00:00
db:CNNVDid:CNNVD-201601-605date:2016-01-25T00:00:00
db:NVDid:CVE-2016-1135date:2016-01-22T11:59:06.307