CVE-2023-46681

EPSS 0.3%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

26 Dec 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command.

Affected products

BUFFALO INC. · VR-S1000

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://jvn.jp/en/jp/JVN23771490/https://www.buffalo.jp/news/detail/20231225-01.html