Vulnerabilities > Buffalo

DATE CVE VULNERABILITY TITLE RISK
2024-01-29 CVE-2023-49038 OS Command Injection vulnerability in Buffalo Ls210D Firmware 1.780.03
Command injection in the ping utility on Buffalo LS210D 1.78-0.03 allows a remote authenticated attacker to inject arbitrary commands onto the NAS as root.
network
low complexity
buffalo CWE-78
7.2
7.2
2024-01-11 CVE-2023-51073 Unspecified vulnerability in Buffalo Ls210D Firmware 1.780.03
An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/update_notifications.sh.
network
high complexity
buffalo
8.1
8.1
2023-12-26 CVE-2023-45741 OS Command Injection vulnerability in Buffalo Vr-S1000 Firmware
VR-S1000 firmware Ver.
low complexity
buffalo CWE-78
6.8
6.8
2023-12-26 CVE-2023-46681 Argument Injection or Modification vulnerability in Buffalo Vr-S1000 Firmware
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver.
local
low complexity
buffalo CWE-88
7.8
7.8
2023-12-26 CVE-2023-46711 Use of Hard-coded Credentials vulnerability in Buffalo Vr-S1000 Firmware
VR-S1000 firmware Ver.
low complexity
buffalo CWE-798
4.6
4.6
2023-12-26 CVE-2023-51363 Unspecified vulnerability in Buffalo Vr-S1000 Firmware
VR-S1000 firmware Ver.
low complexity
buffalo
6.5
6.5
2023-09-08 CVE-2023-39620 Unspecified vulnerability in Buffalo Terastation NAS 5410R Firmware 5.000.07
An Issue in Buffalo America, Inc.
network
low complexity
buffalo
7.5
7.5
2022-12-19 CVE-2022-43443 OS Command Injection vulnerability in Buffalo products
OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page.
low complexity
buffalo CWE-78
8.8
8.8
2022-12-19 CVE-2022-43466 OS Command Injection vulnerability in Buffalo products
OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program.
low complexity
buffalo CWE-78
6.8
6.8
2022-12-19 CVE-2022-43486 Unspecified vulnerability in Buffalo products
Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices.
low complexity
buffalo
6.8
6.8