CVE-2016-1135

Name of the Vulnerable Software and Affected Versions BUFFALO BHR-4GRV2 versions 1.04 and earlier BUFFALO WEX-300 versions 1.90 and earlier BUFFALO WHR-1166DHP versions 1.90 and earlier BUFFALO WHR-300HP2 versions 1.90 and earlier BUFFALO WHR-600D versions 1.90 and earlier BUFFALO WMR-300 versions 1.90 and earlier BUFFALO WMR-433 versions 1.01 and earlier BUFFALO WSR-1166DHP versions 1.01 and earlier

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This could potentially lead to unauthorized access or control of the affected devices.

Recommendations For BUFFALO BHR-4GRV2 versions 1.04 and earlier, update to a version later than 1.04. For BUFFALO WEX-300 versions 1.90 and earlier, update to a version later than 1.90. For BUFFALO WHR-1166DHP versions 1.90 and earlier, update to a version later than 1.90. For BUFFALO WHR-300HP2 versions 1.90 and earlier, update to a version later than 1.90. For BUFFALO WHR-600D versions 1.90 and earlier, update to a version later than 1.90. For BUFFALO WMR-300 versions 1.90 and earlier, update to a version later than 1.90. For BUFFALO WMR-433 versions 1.01 and earlier, update to a version later than 1.01. For BUFFALO WSR-1166DHP versions 1.01 and earlier, update to a version later than 1.01.