CVE-2016-7807
Description
I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors.
References
Third Party AdvisoryVDB Entry
PatchVendor Advisory
Third Party AdvisoryVDB Entry
CvssV3 impact
BaseSeverity | HIGH |
ConfidentialityImpact | HIGH |
AttackComplexity | LOW |
Scope | UNCHANGED |
AttackVector | NETWORK |
AvailabilityImpact | NONE |
IntegrityImpact | NONE |
PrivilegesRequired | NONE |
BaseScore | 7.5 |
VectorString | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Version | 3.0 |
UserInteraction | NONE |
CvssV2 impact
Version | 2.0 |
VectorString | AV:N/AC:L/Au:N/C:P/I:N/A:N |
AccessVector | NETWORK |
AccessComplexity | LOW |
Authentication | NONE |
ConfidentialityImpact | PARTIAL |
IntegrityImpact | NONE |
AvailabilityImpact | NONE |
BaseScore | 5 |