Vulnerabilities > Buffalo
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-19 | CVE-2022-43443 | OS Command Injection vulnerability in Buffalo Wsr-3200Ax4B Firmware 1.25 Buffalo network devices WSR-3200AX4S firmware Ver. | 8.8 |
2022-12-19 | CVE-2022-43466 | OS Command Injection vulnerability in Buffalo Wsr-3200Ax4B Firmware 1.25 Buffalo network devices WSR-3200AX4S firmware Ver. | 6.8 |
2022-12-19 | CVE-2022-43486 | Unspecified vulnerability in Buffalo Wsr-3200Ax4B Firmware 1.25 Hidden functionality vulnerability in Buffalo network devices WSR-3200AX4S firmware Ver. low complexity buffalo | 6.8 |
2022-12-07 | CVE-2022-34840 | Use of Hard-coded Credentials vulnerability in Buffalo products Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. | 6.5 |
2022-12-07 | CVE-2022-39044 | Unspecified vulnerability in Buffalo products Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. low complexity buffalo | 6.8 |
2022-12-07 | CVE-2022-40966 | Improper Authentication vulnerability in Buffalo products Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. | 8.8 |
2021-06-09 | CVE-2021-20730 | Unspecified vulnerability in Buffalo Wsr-1166Dhp3 Firmware and Wsr-1166Dhp4 Firmware Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors. low complexity buffalo | 3.3 |
2021-06-09 | CVE-2021-20731 | OS Command Injection vulnerability in Buffalo Wsr-1166Dhp3 Firmware and Wsr-1166Dhp4 Firmware WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allow an attacker to execute arbitrary OS commands with root privileges via unspecified vectors. | 8.3 |
2021-04-29 | CVE-2021-20090 | Path Traversal vulnerability in Buffalo products A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication. | 7.5 |
2021-04-29 | CVE-2021-20091 | Unspecified vulnerability in Buffalo products The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. | 6.5 |