Vulnerabilities > Buffalo
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-11-26 | CVE-2018-13319 | Information Exposure vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10 Incorrect access control in get_portal_info in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to determine sensitive device information via an unauthenticated POST request. | 5.0 |
2018-11-26 | CVE-2018-13318 | OS Command Injection vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10 System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter. | 6.5 |
2018-04-09 | CVE-2018-0556 | OS Command Injection vulnerability in Buffalo Wzr-1750Dhp2 Firmware Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 8.3 |
2018-04-09 | CVE-2018-0555 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Buffalo Wzr-1750Dhp2 Firmware Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file. | 9.3 |
2018-04-09 | CVE-2018-0554 | Missing Authentication for Critical Function vulnerability in Buffalo Wzr-1750Dhp2 Firmware Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors. | 8.3 |
2018-03-09 | CVE-2018-0523 | OS Command Injection vulnerability in Buffalo Wxr-1900Dhp2 Firmware Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 8.3 |
2018-03-09 | CVE-2018-0522 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Buffalo Wxr-1900Dhp2 Firmware Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary code via a specially crafted file. | 6.8 |
2018-03-09 | CVE-2018-0521 | Missing Authentication for Critical Function vulnerability in Buffalo Wxr-1900Dhp2 Firmware Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors. | 8.3 |
2017-12-08 | CVE-2017-10897 | Improper Input Validation vulnerability in Buffalo Bbr-4Hg Firmware and Bbr-4Mg Firmware Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors. | 5.5 |
2017-12-08 | CVE-2017-10896 | Cross-site Scripting vulnerability in Buffalo Bbr-4Hg Firmware and Bbr-4Mg Firmware Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |