OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management page and sends a specially crafted request to the affected product from the product’s specific management page, an arbitrary OS command may be executed.
[
{
"vendor": "BUFFALO INC.",
"product": "WHR-1166DHP2",
"versions": [
{
"version": "Ver. 2.95 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WHR-1166DHP3",
"versions": [
{
"version": "Ver. 2.95 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WHR-1166DHP4",
"versions": [
{
"version": "Ver. 2.95 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WSR-1166DHP3",
"versions": [
{
"version": "Ver. 1.18 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WSR-600DHP",
"versions": [
{
"version": "Ver. 2.93 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WEX-300HPTX/N",
"versions": [
{
"version": "Ver. 1.02 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WEX-733DHP2",
"versions": [
{
"version": "Ver. 1.03 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WEX-1166DHP2",
"versions": [
{
"version": "Ver. 1.05 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WEX-1166DHPS",
"versions": [
{
"version": "Ver. 1.05 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WEX-300HPS/N",
"versions": [
{
"version": "Ver. 1.02 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WEX-733DHPS",
"versions": [
{
"version": "Ver. 1.02 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WEX-733DHPTX",
"versions": [
{
"version": "Ver. 1.03 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WEX-1166DHP",
"versions": [
{
"version": "Ver. 1.23 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WEX-733DHP",
"versions": [
{
"version": "Ver. 1.64 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WHR-1166DHP",
"versions": [
{
"version": "Ver. 2.92 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WHR-300HP2",
"versions": [
{
"version": "Ver. 2.51 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WHR-600D",
"versions": [
{
"version": "Ver. 2.91 and earlier",
"status": "affected"
}
]
},
{
"vendor": "BUFFALO INC.",
"product": "WMR-300",
"versions": [
{
"version": "Ver. 2.50 and earlier",
"status": "affected"
}
]
}
]