Vulnerabilities > Buffalo > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-26 | CVE-2023-45741 | OS Command Injection vulnerability in Buffalo Vr-S1000 Firmware VR-S1000 firmware Ver. | 6.8 |
| 2023-12-26 | CVE-2023-46711 | Use of Hard-coded Credentials vulnerability in Buffalo Vr-S1000 Firmware VR-S1000 firmware Ver. | 4.6 |
| 2023-12-26 | CVE-2023-51363 | Unspecified vulnerability in Buffalo Vr-S1000 Firmware VR-S1000 firmware Ver. low complexity buffalo | 6.5 |
| 2023-04-11 | CVE-2023-24464 | Cross-site Scripting vulnerability in Buffalo products Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. | 5.4 |
| 2022-12-19 | CVE-2022-43466 | OS Command Injection vulnerability in Buffalo products OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program. | 6.8 |
| 2022-12-19 | CVE-2022-43486 | Unspecified vulnerability in Buffalo products Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices. low complexity buffalo | 6.8 |
| 2022-12-07 | CVE-2022-34840 | Use of Hard-coded Credentials vulnerability in Buffalo products Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. | 6.5 |
| 2022-12-07 | CVE-2022-39044 | Unspecified vulnerability in Buffalo products Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. low complexity buffalo | 6.8 |
| 2021-06-09 | CVE-2021-20730 | Unspecified vulnerability in Buffalo Wsr-1166Dhp3 Firmware and Wsr-1166Dhp4 Firmware Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors. low complexity buffalo | 4.3 |
| 2021-04-28 | CVE-2021-3511 | Unspecified vulnerability in Buffalo products Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to obtain information such as configuration via unspecified vectors. low complexity buffalo | 4.3 |