30 matches found
CVE-2023-45741
VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands...
CVE-2023-51363
VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information...
CVE-2023-46711
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user...
CVE-2023-46681
Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command...
The vulnerability of the BUFFALO VR-S1000 router’s microprogramming software, related to the implementation or modification of arguments, allows a perpetrator to execute arbitrary code.
The vulnerability of the BUFFALO VR-S1000 router’s microprogramming software is related to the implementation or modification of arguments. Exploiting this vulnerability can allow a perpetrator to execute arbitrary code...
The vulnerability of the microprogrammed software of the BUFFALO VR-S1000 routers, related to the use of pre-installed user credentials, allows a intruder to obtain access to the password of any user.
The vulnerability of the BUFFALO VR-S1000 router’s microprogramming software is related to the use of pre-set login credentials. Exploiting this vulnerability could allow a hacker to gain access to the password of any user...
CVE-2023-51363
VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information...
CVE-2023-46681
Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command...
CVE-2023-45741
VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands...
CVE-2023-46711
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user...
CVE-2023-46681
Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command...
CVE-2023-46711
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user...
Design/Logic Flaw
VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands...
Information disclosure
VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information...
Design/Logic Flaw
Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command...
CVE-2023-51363
CVE-2023-51363 affects BUFFALO VR-S1000 firmware versions 2.37 and earlier. A network-adjacent, unauthenticated attacker who can reach the product’s web management page can obtain sensitive information (information disclosure). The issue is documented across multiple sources (NVD/Red Hat/CVE list...
CVE-2023-46711
Buffalo VR-S1000 firmware v2.37 and earlier contains a hard-coded cryptographic key, which may allow an attacker to analyze the passwords of a specific product user. Impact can include disclosure of user credentials; remediation is to update the firmware to a version that does not use a hard-code...
CVE-2023-46681
Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command...
CVE-2023-46681
Buffalo VR-S1000 devices (firmware 2.37 and earlier) are affected by an Argument Injection vulnerability caused by improper neutralization of argument delimiters in the command interface. An authenticated attacker with access to the device’s command line interface can potentially execute arbitrar...
CVE-2023-45741
Summary: CVE-2023-45741 affects Buffalo VR-S1000 firmware prior to 2.42 (specifically 2.37 and earlier) and allows an attacker with access to the device’s web management page to execute arbitrary OS commands. The Red Hat/NVD/JVN entries corroborate that the vulnerability enables network-adjacent ...