Vulnerabilities > Buffalo > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-26 CVE-2023-45741 OS Command Injection vulnerability in Buffalo Vr-S1000 Firmware
VR-S1000 firmware Ver.
low complexity
buffalo CWE-78
6.8
6.8
2023-12-26 CVE-2023-46711 Use of Hard-coded Credentials vulnerability in Buffalo Vr-S1000 Firmware
VR-S1000 firmware Ver.
low complexity
buffalo CWE-798
4.6
4.6
2023-12-26 CVE-2023-51363 Unspecified vulnerability in Buffalo Vr-S1000 Firmware
VR-S1000 firmware Ver.
low complexity
buffalo
6.5
6.5
2022-12-19 CVE-2022-43466 OS Command Injection vulnerability in Buffalo products
OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program.
low complexity
buffalo CWE-78
6.8
6.8
2022-12-19 CVE-2022-43486 Unspecified vulnerability in Buffalo products
Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices.
low complexity
buffalo
6.8
6.8
2022-12-07 CVE-2022-34840 Use of Hard-coded Credentials vulnerability in Buffalo products
Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device.
low complexity
buffalo CWE-798
6.5
6.5
2022-12-07 CVE-2022-39044 Unspecified vulnerability in Buffalo products
Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command.
low complexity
buffalo
6.8
6.8
2021-04-29 CVE-2021-20091 Unspecified vulnerability in Buffalo products
The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input.
network
low complexity
buffalo
6.5
6.5
2021-04-29 CVE-2021-20092 Improper Authentication vulnerability in Buffalo products
The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.
network
low complexity
buffalo CWE-287
5.0
5.0
2020-09-18 CVE-2020-5606 Cross-site Scripting vulnerability in Buffalo Airstation Whr-G54S Firmware
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page.
network
buffalo CWE-79
4.3
4.3