Vulnerabilities > Buffalo

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-19	CVE-2022-43443	OS Command Injection vulnerability in Buffalo products OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page. low complexity buffalo CWE-78	8.8
2022-12-19	CVE-2022-43466	OS Command Injection vulnerability in Buffalo products OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program. low complexity buffalo CWE-78	6.8
2022-12-19	CVE-2022-43486	Unspecified vulnerability in Buffalo products Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices. low complexity buffalo	6.8
2022-12-07	CVE-2022-34840	Use of Hard-coded Credentials vulnerability in Buffalo products Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. low complexity buffalo CWE-798	6.5
2022-12-07	CVE-2022-39044	Unspecified vulnerability in Buffalo products Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. low complexity buffalo	6.8
2022-12-07	CVE-2022-40966	Improper Authentication vulnerability in Buffalo products Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. low complexity buffalo CWE-287	8.8
2021-06-09	CVE-2021-20730	Unspecified vulnerability in Buffalo Wsr-1166Dhp3 Firmware and Wsr-1166Dhp4 Firmware Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors. low complexity buffalo	4.3
2021-06-09	CVE-2021-20731	OS Command Injection vulnerability in Buffalo Wsr-1166Dhp3 Firmware and Wsr-1166Dhp4 Firmware WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allow an attacker to execute arbitrary OS commands with root privileges via unspecified vectors. low complexity buffalo CWE-78	8.8
2021-04-29	CVE-2021-20090	Path Traversal vulnerability in Buffalo products A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication. network low complexity buffalo CWE-22 critical	9.8
2021-04-29	CVE-2021-20091	Unspecified vulnerability in Buffalo products The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. network low complexity buffalo	8.8

Vulnerabilities > Buffalo {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Buffalo"}]}

Vulnerabilities > Buffalo