6 matches found
CVE-2025-61871
NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
EUVD-2025-33659
NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-61871
NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-61871
NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-61871
NAS Navigator2 for Windows (BUFFALO INC.) is affected by an unquoted service path issue (CWE-428) that allows a user with write access to the system drive root to execute arbitrary code with SYSTEM privileges. The root cause is an unquoted file path used when registering a Windows service. Docume...
Buffalo NAS Navigator2 代码问题漏洞
Buffalo NAS Navigator2 is a network storage device management tool from Buffalo Japan. A code issue vulnerability exists in Buffalo NAS Navigator2 versions prior to 3.12.0 that stems from a Windows service registering unquoted file paths, which could lead to the execution of arbitrary code by a...