Description
The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when "Internet pass-thru Mode" is enabled, which allows attackers with access to STA side LAN can obtain files or data.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Toshiba | FlashAir SD-WD/WC series Class 6 model | affected |
|
||||||
| Toshiba | FlashAir SD-WD/WC series Class 10 model W-02 | affected |
|
||||||
| Toshiba | FlashAir SD-WE series Class 10 model W-03 | affected |
|
||||||
| Toshiba | FlashAir Class 6 model | affected |
|
||||||
| Toshiba | FlashAir II Class 10 model W-02 series | affected |
|
||||||
| Toshiba | FlashAir III Class 10 model W-03 series | affected |
|
||||||
| Toshiba | FlashAir Class 6 model | affected |
|
||||||
| Toshiba | FlashAir W-02 series Class 10 model | affected |
|
||||||
| Toshiba | FlashAir W-03 series Class 10 model | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2016-5843 | The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when "Internet pass-thru Mode" is enabled, which allows attackers with access to STA side LAN can obtain files or data. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jpcert
Published:
Updated: 2024-08-06T00:46:38.522Z
Reserved: 2016-05-17T00:00:00.000Z
Link: CVE-2016-4863
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2017-05-22T16:29:00.217
Modified: 2025-04-20T01:37:25.860
Link: CVE-2016-4863
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses