OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.
[
{
"vendor": "BUFFALO INC.",
"product": "WCR-1166DS",
"versions": [
{
"version": "firmware Ver. 1.32 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WSR-1166DHP",
"versions": [
{
"version": "firmware Ver. 1.14 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WSR-1166DHP2",
"versions": [
{
"version": "firmware Ver. 1.14 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WSR-2533DHP",
"versions": [
{
"version": "firmware Ver. 1.06 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WSR-2533DHPL",
"versions": [
{
"version": "firmware Ver. 1.06 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WSR-2533DHP2",
"versions": [
{
"version": "firmware Ver. 1.10 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WSR-A2533DHP2",
"versions": [
{
"version": "firmware Ver. 1.10 and earlier",
"status": "affected"
}
]
}
]