CVE-2016-4863

Published: May 22, 2017Modified: May 13, 2026

4.3

Vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when "Internet pass-thru Mode" is enabled, which allows attackers with access to STA side LAN can obtain files or data.

Affected (7)

Products: Toshiba: Flashair

Toshiba

1 product

Flashair

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Toshiba Flashair	Up to 1.00.03
Toshiba Flashair	Up to 1.00.04
Toshiba Flashair	Up to 1.00.06
Toshiba Flashair	Up to 1.02
Toshiba Flashair	Up to 2.00.03
Toshiba Flashair	Up to 3.0.2
Toshiba Flashair	Up to 3.00.01