Search

Find a vulnerability

Search criteria

    1 vulnerability found for BHR-4GRV2 by BUFFALO INC.

    JVNDB-2015-000085

    Vulnerability from jvndb - Published: 2015-06-05 14:16 - Updated:2015-06-10 17:54
    Severity
    N/A (UNKNOWN) - -
    Summary
    Multiple Buffalo wireless LAN routers vulnerable to OS command injection
    Details
    Multiple wireless LAN routers provided by BUFFALO INC. contain an OS command injection vulnerability. Masashi Sakai, Satoshi Ogawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000085.html",
      "dc:date": "2015-06-10T17:54+09:00",
      "dcterms:issued": "2015-06-05T14:16+09:00",
      "dcterms:modified": "2015-06-10T17:54+09:00",
      "description": "Multiple wireless LAN routers provided by BUFFALO INC. contain an OS command injection vulnerability.\r\n\r\nMasashi Sakai, Satoshi Ogawa reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000085.html",
      "sec:cpe": [
        {
          "#text": "cpe:/h:buffalo_inc:bhr-4grv2",
          "@product": "BHR-4GRV2",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:wex-300",
          "@product": "WEX-300",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:whr-1166dhp",
          "@product": "WHR-1166DHP",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:whr-300hp2",
          "@product": "WHR-300HP2",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:whr-600d",
          "@product": "WHR-600D",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:wmr-300",
          "@product": "WMR-300",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:wsr-600dhp",
          "@product": "WSR-600DHP",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.2",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2015-000085",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN50447904/index.html",
          "@id": "JVN#50447904",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9284",
          "@id": "CVE-2014-9284",
          "@source": "CVE"
        },
        {
          "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9284",
          "@id": "CVE-2014-9284",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-78",
          "@title": "OS Command Injection(CWE-78)"
        }
      ],
      "title": "Multiple Buffalo wireless LAN routers vulnerable to OS command injection"
    }