Vulnerabilities > Buffalo

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-26	CVE-2018-13319	Information Exposure vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10 Incorrect access control in get_portal_info in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to determine sensitive device information via an unauthenticated POST request. network low complexity buffalo CWE-200	5.0
2018-11-26	CVE-2018-13318	OS Command Injection vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10 System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter. network low complexity buffalo CWE-78	6.5
2018-04-09	CVE-2018-0556	OS Command Injection vulnerability in Buffalo Wzr-1750Dhp2 Firmware Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. low complexity buffalo CWE-78	8.3
2018-04-09	CVE-2018-0555	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Buffalo Wzr-1750Dhp2 Firmware Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file. network buffalo CWE-119 critical	9.3
2018-04-09	CVE-2018-0554	Missing Authentication for Critical Function vulnerability in Buffalo Wzr-1750Dhp2 Firmware Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors. low complexity buffalo CWE-306	8.3
2018-03-09	CVE-2018-0523	OS Command Injection vulnerability in Buffalo Wxr-1900Dhp2 Firmware Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. low complexity buffalo CWE-78	8.3
2018-03-09	CVE-2018-0522	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Buffalo Wxr-1900Dhp2 Firmware Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary code via a specially crafted file. network buffalo CWE-119	6.8
2018-03-09	CVE-2018-0521	Missing Authentication for Critical Function vulnerability in Buffalo Wxr-1900Dhp2 Firmware Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors. low complexity buffalo CWE-306	8.3
2017-12-08	CVE-2017-10897	Improper Input Validation vulnerability in Buffalo Bbr-4Hg Firmware and Bbr-4Mg Firmware Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors. low complexity buffalo CWE-20	5.5
2017-12-08	CVE-2017-10896	Cross-site Scripting vulnerability in Buffalo Bbr-4Hg Firmware and Bbr-4Mg Firmware Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. network buffalo CWE-79	4.3

Vulnerabilities > Buffalo {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Buffalo"}]}

Vulnerabilities > Buffalo