Vulnerabilities > Buffalo

DATE CVE VULNERABILITY TITLE RISK
2024-01-29 CVE-2023-49038 OS Command Injection vulnerability in Buffalo Ls210D Firmware 1.780.03
Command injection in the ping utility on Buffalo LS210D 1.78-0.03 allows a remote authenticated attacker to inject arbitrary commands onto the NAS as root.
network
low complexity
buffalo CWE-78
7.2
7.2
2024-01-11 CVE-2023-51073 Unspecified vulnerability in Buffalo Ls210D Firmware 1.780.03
An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/update_notifications.sh.
network
high complexity
buffalo
8.1
8.1
2023-12-26 CVE-2023-45741 OS Command Injection vulnerability in Buffalo Vr-S1000 Firmware
VR-S1000 firmware Ver.
low complexity
buffalo CWE-78
6.8
6.8
2023-12-26 CVE-2023-46681 Argument Injection or Modification vulnerability in Buffalo Vr-S1000 Firmware
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver.
local
low complexity
buffalo CWE-88
7.8
7.8
2023-12-26 CVE-2023-46711 Use of Hard-coded Credentials vulnerability in Buffalo Vr-S1000 Firmware
VR-S1000 firmware Ver.
low complexity
buffalo CWE-798
4.6
4.6
2023-12-26 CVE-2023-51363 Unspecified vulnerability in Buffalo Vr-S1000 Firmware
VR-S1000 firmware Ver.
low complexity
buffalo
6.5
6.5
2023-09-08 CVE-2023-39620 Unspecified vulnerability in Buffalo Terastation NAS 5410R Firmware 5.000.07
An Issue in Buffalo America, Inc.
network
low complexity
buffalo
7.5
7.5
2023-04-11 CVE-2023-24464 Cross-site Scripting vulnerability in Buffalo products
Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser.
network
low complexity
buffalo CWE-79
5.4
5.4
2023-04-11 CVE-2023-24544 Unspecified vulnerability in Buffalo products
Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product.
low complexity
buffalo
8.1
8.1
2023-04-11 CVE-2023-26588 Exposure of Resource to Wrong Sphere vulnerability in Buffalo products
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product.
network
low complexity
buffalo CWE-668
7.5
7.5