Vulnerabilidades en BUFFALO INC.
50 resultadosCVE-2018-0523—Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.EPSS 0.7%CVE-2018-0556—Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.EPSS 0.7%CVE-2017-10896—Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows aEPSS 0.7%CVE-2024-44072MEDIUMOS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management paEPSS 0.6%CVE-2021-20731—WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allow an attacker to execute arbitrary OS commands witEPSS 0.6%CVE-2023-26588HIGHUse of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The aEPSS 0.6%CVE-2017-2152—WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.EPSS 0.6%CVE-2024-23486CRITICALPlaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker wiEPSS 0.6%CVE-2024-26023MEDIUMOS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.EPSS 0.5%CVE-2021-3511—Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and priorEPSS 0.5%CVE-2016-7823—Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inEPSS 0.5%CVE-2025-61941HIGHA path traversal issue exists in WXR9300BE6P series firmware versions prior to Ver.1.10. Arbitrary file may be altered by an administrative EPSS 0.5%CVE-2017-10897—Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker tEPSS 0.4%CVE-2026-33280HIGHHidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging fuEPSS 0.4%CVE-2023-24464MEDIUMStored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the proEPSS 0.4%CVE-2021-20730—Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attEPSS 0.4%CVE-2022-43486MEDIUMHidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable EPSS 0.4%CVE-2026-33366MEDIUMMissing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the proEPSS 0.3%CVE-2022-40966HIGHAuthentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and acceEPSS 0.3%CVE-2023-45741—VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commandsEPSS 0.3%