Lucene search

K
cve[email protected]CVE-2024-26023
HistoryApr 15, 2024 - 11:15 a.m.

CVE-2024-26023

2024-04-1511:15:08
web.nvd.nist.gov
28
cve-2024-26023
os command injection
buffalo
wireless lan routers
logged-in user
execute
arbitrary os commands
nvd

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.

Affected configurations

Vulners
Node
buffalowcr-1166dsMatch1.32
OR
buffalowzr-1166dhpMatch1.14
OR
buffalowzr-1166dhp2Match1.14
OR
buffalowsr-2533dhpMatch1.06
OR
buffalowsr-2533dhplMatch1.06
OR
buffalowsr-2533dhp2Match1.10
OR
buffalowsr-a2533dhp2Match1.10
VendorProductVersionCPE
buffalowcr\-1166ds1.32cpe:2.3:h:buffalo:wcr\-1166ds:1.32:*:*:*:*:*:*:*
buffalowzr\-1166dhp1.14cpe:2.3:h:buffalo:wzr\-1166dhp:1.14:*:*:*:*:*:*:*
buffalowzr\-1166dhp21.14cpe:2.3:h:buffalo:wzr\-1166dhp2:1.14:*:*:*:*:*:*:*
buffalowsr\-2533dhp1.06cpe:2.3:h:buffalo:wsr\-2533dhp:1.06:*:*:*:*:*:*:*
buffalowsr\-2533dhpl1.06cpe:2.3:h:buffalo:wsr\-2533dhpl:1.06:*:*:*:*:*:*:*
buffalowsr\-2533dhp21.10cpe:2.3:h:buffalo:wsr\-2533dhp2:1.10:*:*:*:*:*:*:*
buffalowsr\-a2533dhp21.10cpe:2.3:h:buffalo:wsr\-a2533dhp2:1.10:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "BUFFALO INC.",
    "product": "WCR-1166DS",
    "versions": [
      {
        "version": "firmware Ver. 1.32 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "BUFFALO INC.",
    "product": "WSR-1166DHP",
    "versions": [
      {
        "version": "firmware Ver. 1.14 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "BUFFALO INC.",
    "product": "WSR-1166DHP2",
    "versions": [
      {
        "version": "firmware Ver. 1.14 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "BUFFALO INC.",
    "product": "WSR-2533DHP",
    "versions": [
      {
        "version": "firmware Ver. 1.06 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "BUFFALO INC.",
    "product": "WSR-2533DHPL",
    "versions": [
      {
        "version": "firmware Ver. 1.06 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "BUFFALO INC.",
    "product": "WSR-2533DHP2",
    "versions": [
      {
        "version": "firmware Ver. 1.10 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "BUFFALO INC.",
    "product": "WSR-A2533DHP2",
    "versions": [
      {
        "version": "firmware Ver. 1.10 and earlier",
        "status": "affected"
      }
    ]
  }
]

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for CVE-2024-26023