Improper neutralization of argument delimiters in a command (โArgument Injectionโ) vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the productโs command line interface to execute an arbitrary command.
[
{
"vendor": "BUFFALO INC.",
"product": "VR-S1000",
"versions": [
{
"version": "firmware Ver. 2.37 and earlier",
"status": "affected"
}
]
}
]