41 matches found
EUVD-2016-5798
Malware in sbrugna...
EUVD-2016-2239
Malware in sbrugna...
EUVD-2016-8674
Malware in sbrugna...
EUVD-2016-2238
Malware in sbrugna...
EUVD-2022-44212
Malicious code in bioql PyPI...
EUVD-2022-46467
Malicious code in bioql PyPI...
EUVD-2022-46445
Malicious code in bioql PyPI...
CVE-2023-26588
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...
CVE-2023-24464
Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01...
CVE-2022-39044
Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and...
CVE-2021-20716
Hidden functionality in multiple Buffalo network devices BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54 firmware Ver.2.32 and prior, WBR2-G54-KD firmware Ver.2.32 and prior, WBR-B11 firmware Ver.2.23 and prior, WBR-G54...
BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection
Overview Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability CWE-78. Yoshiki Mori and Masaki Kubo of National Institute of Information and Communications Technology, Cybersecurity Research Laboratory reported this vulnerability to...
CVE-2023-26588
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...
CVE-2023-24544
Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier,...
CVE-2023-24464
Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01...
PT-2023-20753 · Buffalo · Bs-Gs2008P +5
Name of the Vulnerable Software and Affected Versions: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier BS-GSL2016P firmware Ver. 1.10-0.03 and earlier BS-GSL2016 firmware Ver. 1.10-0.03 and earlier BS-GS2008 firmware Ver. 1.0.10.01 and earlier BS-GS2016 firmware Ver. 1.0.10.01 and earlier BS-GS202...
CVE-2022-43486
Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices...
CVE-2022-43443
OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page...
CVE-2022-43466
OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program...
CVE-2022-43466
OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program...