CVE 2016-7823
Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
See the 
CVE page on Mitre.org
for more details.
