CVE-2016-4863
Published: May 22, 2017
Modified: Aug 6, 2024
Description
The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when "Internet pass-thru Mode" is enabled, which allows attackers with access to STA side LAN can obtain files or data.
| Vendor | Product | Versions |
|---|---|---|
Toshiba | FlashAir SD-WD/WC series Class 6 model | affected firmware version 1.00.04 and later |
Toshiba | FlashAir SD-WD/WC series Class 10 model W-02 | affected firmware version 2.00.02 and later |
Toshiba | FlashAir SD-WE series Class 10 model W-03 | affected all firmware versions |
Toshiba | FlashAir Class 6 model | affected firmware version 1.00.04 and later |
Toshiba | FlashAir II Class 10 model W-02 series | affected firmware version 2.00.02 and later |
Toshiba | FlashAir III Class 10 model W-03 series | affected all firmware versions |
Toshiba | FlashAir Class 6 model | affected firmware version 1.00.04 and later |
Toshiba | FlashAir W-02 series Class 10 model | affected firmware version 2.00.02 and later |
Toshiba | FlashAir W-03 series Class 10 model | affected all firmware versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now