Vulnerabilities > Buffalo > WMR 433 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-07-22 CVE-2017-2274 Cross-site Scripting vulnerability in Buffalo Wmr-433 Firmware and Wmr-433W Firmware
Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
buffalo CWE-79
4.3
2017-07-22 CVE-2017-2273 Cross-Site Request Forgery (CSRF) vulnerability in Buffalo Wmr-433 Firmware and Wmr-433W Firmware
Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
buffalo CWE-352
6.8