What is the severity of CVE-2016-4863?

CVE-2016-4863 has been classified as a moderate severity vulnerability.

How do I fix CVE-2016-4863?

To address CVE-2016-4863, users should update their Toshiba FlashAir products to the latest firmware version.

Which Toshiba FlashAir models are affected by CVE-2016-4863?

The affected models include various FlashAir SD-WD/WC series and FlashAir II devices with specific firmware versions.

Can CVE-2016-4863 lead to unauthorized access?

Yes, CVE-2016-4863 may allow unauthorized access to the contents of the affected FlashAir SD cards.

Is there a known exploit for CVE-2016-4863?

As of now, there are no publicly documented exploits specifically targeting CVE-2016-4863.

Vulnerability/
CVE-2016-4863

medium

4.3

CWE

287

22/5/2017

6/8/2024

CVE-2016-4863

First published: Mon May 22 2017(Updated: )

The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when "Internet pass-thru Mode" is enabled, which allows attackers with access to STA side LAN can obtain files or data.

Credit: vultures@jpcert.or.jp

Affected Software	Affected Version	How to fix
Toshiba FlashAir	<=1.00.03
Toshiba FlashAir	<=1.00.04
Toshiba FlashAir	<=1.00.06
Toshiba FlashAir	<=1.02
Toshiba FlashAir	<=2.00.03
Toshiba FlashAir	<=3.00.01
Toshiba FlashAir	<=3.0.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-4863?
CVE-2016-4863 has been classified as a moderate severity vulnerability.
How do I fix CVE-2016-4863?
To address CVE-2016-4863, users should update their Toshiba FlashAir products to the latest firmware version.
Which Toshiba FlashAir models are affected by CVE-2016-4863?
The affected models include various FlashAir SD-WD/WC series and FlashAir II devices with specific firmware versions.
Can CVE-2016-4863 lead to unauthorized access?
Yes, CVE-2016-4863 may allow unauthorized access to the contents of the affected FlashAir SD cards.
Is there a known exploit for CVE-2016-4863?
As of now, there are no publicly documented exploits specifically targeting CVE-2016-4863.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/weakness
agent/last-modified-date
agent/author
agent/tags
agent/description
agent/first-publish-date
agent/event
agent/source
vendor/toshiba
canonical/toshiba flashair
version/toshiba flashair/1.00.03
version/toshiba flashair/1.00.04
version/toshiba flashair/1.00.06
version/toshiba flashair/1.02
version/toshiba flashair/2.00.03
version/toshiba flashair/3.00.01
version/toshiba flashair/3.0.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.