Search

Find a vulnerability

Search criteria

    3 vulnerabilities found for WEX-1166DHPS by BUFFALO INC.

    CVE-2024-44072 (GCVE-0-2024-44072)

    Vulnerability from nvd – Published: 2024-09-10 06:56 – Updated: 2024-09-10 19:58
    VLAI
    Summary
    OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management page and sends a specially crafted request to the affected product from the product's specific management page, an arbitrary OS command may be executed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • OS command injection
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    BUFFALO INC. WHR-1166DHP2 Affected: Ver. 2.95 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-1166DHP3 Affected: Ver. 2.95 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-1166DHP4 Affected: Ver. 2.95 and earlier
    Create a notification for this product.
    BUFFALO INC. WSR-1166DHP3 Affected: Ver. 1.18 and earlier
    Create a notification for this product.
    BUFFALO INC. WSR-600DHP Affected: Ver. 2.93 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-300HPTX/N Affected: Ver. 1.02 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-733DHP2 Affected: Ver. 1.03 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-1166DHP2 Affected: Ver. 1.05 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-1166DHPS Affected: Ver. 1.05 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-300HPS/N Affected: Ver. 1.02 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-733DHPS Affected: Ver. 1.02 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-733DHPTX Affected: Ver. 1.03 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-1166DHP Affected: Ver. 1.23 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-733DHP Affected: Ver. 1.64 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-1166DHP Affected: Ver. 2.92 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-300HP2 Affected: Ver. 2.51 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-600D Affected: Ver. 2.91 and earlier
    Create a notification for this product.
    BUFFALO INC. WMR-300 Affected: Ver. 2.50 and earlier
    Create a notification for this product.
    buffalo_inc whr_1166dhp2 Affected: 0 , ≤ 2.95 (custom)
        cpe:2.3:h:buffalo_inc:whr_1166dhp2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_1166dhp3 Affected: 0 , ≤ 2.95 (custom)
        cpe:2.3:h:buffalo_inc:whr_1166dhp3:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_1166dhp4 Affected: 0 , ≤ 2.95 (custom)
        cpe:2.3:h:buffalo_inc:whr_1166dhp4:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wsr_1166dhp3 Affected: 0 , ≤ 1.18 (custom)
        cpe:2.3:h:buffalo_inc:wsr_1166dhp3:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wsr_600dhp Affected: 0 , ≤ 2.93 (custom)
        cpe:2.3:h:buffalo_inc:wsr_600dhp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_300hptxn Affected: 0 , ≤ 1.02 (custom)
        cpe:2.3:h:buffalo_inc:wex_300hptxn:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_733dhp2 Affected: 0 , ≤ 1.03 (custom)
        cpe:2.3:h:buffalo_inc:wex_733dhp2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_1166dhp2 Affected: 0 , ≤ 1.05 (custom)
        cpe:2.3:h:buffalo_inc:wex_1166dhp2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_1166dhps Affected: 0 , ≤ 1.05 (custom)
        cpe:2.3:h:buffalo_inc:wex_1166dhps:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_300hpsn Affected: 0 , ≤ 1.02 (custom)
        cpe:2.3:h:buffalo_inc:wex_300hpsn:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_733dhps Affected: 0 , ≤ 1.02 (custom)
        cpe:2.3:h:buffalo_inc:wex_733dhps:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_733hptx Affected: 0 , ≤ 1.03 (custom)
        cpe:2.3:h:buffalo_inc:wex_733hptx:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_1166dhp Affected: 0 , ≤ 1.23 (custom)
        cpe:2.3:h:buffalo_inc:wex_1166dhp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_733dhp Affected: 0 , ≤ 1.64 (custom)
        cpe:2.3:h:buffalo_inc:wex_733dhp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_1166dhp Affected: 0 , ≤ 2.92 (custom)
        cpe:2.3:h:buffalo_inc:whr_1166dhp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_300hp2 Affected: 0 , ≤ 2.51 (custom)
        cpe:2.3:h:buffalo_inc:whr_300hp2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_600d Affected: 0 , ≤ 2.91 (custom)
        cpe:2.3:h:buffalo_inc:whr_600d:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wmr_300 Affected: 0 , ≤ 2.50 (custom)
        cpe:2.3:h:buffalo_inc:wmr_300:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_1166dhp2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_1166dhp2",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.95",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_1166dhp3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_1166dhp3",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.95",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_1166dhp4:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_1166dhp4",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.95",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wsr_1166dhp3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsr_1166dhp3",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.18",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wsr_600dhp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsr_600dhp",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.93",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_300hptxn:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_300hptxn",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.02",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_733dhp2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_733dhp2",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.03",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_1166dhp2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_1166dhp2",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.05",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_1166dhps:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_1166dhps",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.05",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_300hpsn:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_300hpsn",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.02",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_733dhps:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_733dhps",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.02",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_733hptx:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_733hptx",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.03",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_1166dhp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_1166dhp",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.23",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_733dhp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_733dhp",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.64",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_1166dhp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_1166dhp",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.92",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_300hp2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_300hp2",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.51",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_600d:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_600d",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.91",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wmr_300:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wmr_300",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.50",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 5.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44072",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T18:57:48.477370Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T19:58:39.140Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WHR-1166DHP2",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.95 and earlier"
                }
              ]
            },
            {
              "product": "WHR-1166DHP3",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.95 and earlier"
                }
              ]
            },
            {
              "product": "WHR-1166DHP4",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.95 and earlier"
                }
              ]
            },
            {
              "product": "WSR-1166DHP3",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.18 and earlier"
                }
              ]
            },
            {
              "product": "WSR-600DHP",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.93 and earlier"
                }
              ]
            },
            {
              "product": "WEX-300HPTX/N",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.02 and earlier"
                }
              ]
            },
            {
              "product": "WEX-733DHP2",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.03 and earlier"
                }
              ]
            },
            {
              "product": "WEX-1166DHP2",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.05 and earlier"
                }
              ]
            },
            {
              "product": "WEX-1166DHPS",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.05 and earlier"
                }
              ]
            },
            {
              "product": "WEX-300HPS/N",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.02 and earlier"
                }
              ]
            },
            {
              "product": "WEX-733DHPS",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.02 and earlier"
                }
              ]
            },
            {
              "product": "WEX-733DHPTX",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.03 and earlier"
                }
              ]
            },
            {
              "product": "WEX-1166DHP",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.23 and earlier"
                }
              ]
            },
            {
              "product": "WEX-733DHP",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.64 and earlier"
                }
              ]
            },
            {
              "product": "WHR-1166DHP",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.92 and earlier"
                }
              ]
            },
            {
              "product": "WHR-300HP2",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.51 and earlier"
                }
              ]
            },
            {
              "product": "WHR-600D",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.91 and earlier"
                }
              ]
            },
            {
              "product": "WMR-300",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.50 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management page and sends a specially crafted request to the affected product from the product\u0027s specific management page, an arbitrary OS command may be executed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T06:56:44.182Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.buffalo.jp/news/detail/20240719-01.html"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN12824024/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-44072",
        "datePublished": "2024-09-10T06:56:44.182Z",
        "dateReserved": "2024-08-19T02:08:40.600Z",
        "dateUpdated": "2024-09-10T19:58:39.140Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44072 (GCVE-0-2024-44072)

    Vulnerability from cvelistv5 – Published: 2024-09-10 06:56 – Updated: 2024-09-10 19:58
    VLAI
    Summary
    OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management page and sends a specially crafted request to the affected product from the product's specific management page, an arbitrary OS command may be executed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • OS command injection
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    BUFFALO INC. WHR-1166DHP2 Affected: Ver. 2.95 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-1166DHP3 Affected: Ver. 2.95 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-1166DHP4 Affected: Ver. 2.95 and earlier
    Create a notification for this product.
    BUFFALO INC. WSR-1166DHP3 Affected: Ver. 1.18 and earlier
    Create a notification for this product.
    BUFFALO INC. WSR-600DHP Affected: Ver. 2.93 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-300HPTX/N Affected: Ver. 1.02 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-733DHP2 Affected: Ver. 1.03 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-1166DHP2 Affected: Ver. 1.05 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-1166DHPS Affected: Ver. 1.05 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-300HPS/N Affected: Ver. 1.02 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-733DHPS Affected: Ver. 1.02 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-733DHPTX Affected: Ver. 1.03 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-1166DHP Affected: Ver. 1.23 and earlier
    Create a notification for this product.
    BUFFALO INC. WEX-733DHP Affected: Ver. 1.64 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-1166DHP Affected: Ver. 2.92 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-300HP2 Affected: Ver. 2.51 and earlier
    Create a notification for this product.
    BUFFALO INC. WHR-600D Affected: Ver. 2.91 and earlier
    Create a notification for this product.
    BUFFALO INC. WMR-300 Affected: Ver. 2.50 and earlier
    Create a notification for this product.
    buffalo_inc whr_1166dhp2 Affected: 0 , ≤ 2.95 (custom)
        cpe:2.3:h:buffalo_inc:whr_1166dhp2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_1166dhp3 Affected: 0 , ≤ 2.95 (custom)
        cpe:2.3:h:buffalo_inc:whr_1166dhp3:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_1166dhp4 Affected: 0 , ≤ 2.95 (custom)
        cpe:2.3:h:buffalo_inc:whr_1166dhp4:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wsr_1166dhp3 Affected: 0 , ≤ 1.18 (custom)
        cpe:2.3:h:buffalo_inc:wsr_1166dhp3:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wsr_600dhp Affected: 0 , ≤ 2.93 (custom)
        cpe:2.3:h:buffalo_inc:wsr_600dhp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_300hptxn Affected: 0 , ≤ 1.02 (custom)
        cpe:2.3:h:buffalo_inc:wex_300hptxn:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_733dhp2 Affected: 0 , ≤ 1.03 (custom)
        cpe:2.3:h:buffalo_inc:wex_733dhp2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_1166dhp2 Affected: 0 , ≤ 1.05 (custom)
        cpe:2.3:h:buffalo_inc:wex_1166dhp2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_1166dhps Affected: 0 , ≤ 1.05 (custom)
        cpe:2.3:h:buffalo_inc:wex_1166dhps:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_300hpsn Affected: 0 , ≤ 1.02 (custom)
        cpe:2.3:h:buffalo_inc:wex_300hpsn:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_733dhps Affected: 0 , ≤ 1.02 (custom)
        cpe:2.3:h:buffalo_inc:wex_733dhps:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_733hptx Affected: 0 , ≤ 1.03 (custom)
        cpe:2.3:h:buffalo_inc:wex_733hptx:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_1166dhp Affected: 0 , ≤ 1.23 (custom)
        cpe:2.3:h:buffalo_inc:wex_1166dhp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wex_733dhp Affected: 0 , ≤ 1.64 (custom)
        cpe:2.3:h:buffalo_inc:wex_733dhp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_1166dhp Affected: 0 , ≤ 2.92 (custom)
        cpe:2.3:h:buffalo_inc:whr_1166dhp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_300hp2 Affected: 0 , ≤ 2.51 (custom)
        cpe:2.3:h:buffalo_inc:whr_300hp2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc whr_600d Affected: 0 , ≤ 2.91 (custom)
        cpe:2.3:h:buffalo_inc:whr_600d:*:*:*:*:*:*:*:*
    Create a notification for this product.
    buffalo_inc wmr_300 Affected: 0 , ≤ 2.50 (custom)
        cpe:2.3:h:buffalo_inc:wmr_300:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_1166dhp2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_1166dhp2",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.95",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_1166dhp3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_1166dhp3",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.95",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_1166dhp4:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_1166dhp4",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.95",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wsr_1166dhp3:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsr_1166dhp3",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.18",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wsr_600dhp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsr_600dhp",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.93",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_300hptxn:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_300hptxn",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.02",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_733dhp2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_733dhp2",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.03",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_1166dhp2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_1166dhp2",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.05",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_1166dhps:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_1166dhps",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.05",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_300hpsn:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_300hpsn",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.02",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_733dhps:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_733dhps",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.02",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_733hptx:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_733hptx",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.03",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_1166dhp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_1166dhp",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.23",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wex_733dhp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wex_733dhp",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "1.64",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_1166dhp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_1166dhp",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.92",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_300hp2:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_300hp2",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.51",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:whr_600d:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "whr_600d",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.91",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:buffalo_inc:wmr_300:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wmr_300",
                "vendor": "buffalo_inc",
                "versions": [
                  {
                    "lessThanOrEqual": "2.50",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 5.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44072",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T18:57:48.477370Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T19:58:39.140Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WHR-1166DHP2",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.95 and earlier"
                }
              ]
            },
            {
              "product": "WHR-1166DHP3",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.95 and earlier"
                }
              ]
            },
            {
              "product": "WHR-1166DHP4",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.95 and earlier"
                }
              ]
            },
            {
              "product": "WSR-1166DHP3",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.18 and earlier"
                }
              ]
            },
            {
              "product": "WSR-600DHP",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.93 and earlier"
                }
              ]
            },
            {
              "product": "WEX-300HPTX/N",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.02 and earlier"
                }
              ]
            },
            {
              "product": "WEX-733DHP2",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.03 and earlier"
                }
              ]
            },
            {
              "product": "WEX-1166DHP2",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.05 and earlier"
                }
              ]
            },
            {
              "product": "WEX-1166DHPS",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.05 and earlier"
                }
              ]
            },
            {
              "product": "WEX-300HPS/N",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.02 and earlier"
                }
              ]
            },
            {
              "product": "WEX-733DHPS",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.02 and earlier"
                }
              ]
            },
            {
              "product": "WEX-733DHPTX",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.03 and earlier"
                }
              ]
            },
            {
              "product": "WEX-1166DHP",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.23 and earlier"
                }
              ]
            },
            {
              "product": "WEX-733DHP",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 1.64 and earlier"
                }
              ]
            },
            {
              "product": "WHR-1166DHP",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.92 and earlier"
                }
              ]
            },
            {
              "product": "WHR-300HP2",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.51 and earlier"
                }
              ]
            },
            {
              "product": "WHR-600D",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.91 and earlier"
                }
              ]
            },
            {
              "product": "WMR-300",
              "vendor": "BUFFALO INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Ver. 2.50 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management page and sends a specially crafted request to the affected product from the product\u0027s specific management page, an arbitrary OS command may be executed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T06:56:44.182Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.buffalo.jp/news/detail/20240719-01.html"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN12824024/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-44072",
        "datePublished": "2024-09-10T06:56:44.182Z",
        "dateReserved": "2024-08-19T02:08:40.600Z",
        "dateUpdated": "2024-09-10T19:58:39.140Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    JVNDB-2024-000087

    Vulnerability from jvndb - Published: 2024-08-23 14:17 - Updated:2024-08-23 14:17
    Severity
    Summary
    BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection
    Details
    Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability (CWE-78). Yoshiki Mori and Masaki Kubo of National Institute of Information and Communications Technology, Cybersecurity Research Laboratory reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000087.html",
      "dc:date": "2024-08-23T14:17+09:00",
      "dcterms:issued": "2024-08-23T14:17+09:00",
      "dcterms:modified": "2024-08-23T14:17+09:00",
      "description": "Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability (CWE-78).\r\n\r\nYoshiki Mori and Masaki Kubo of National Institute of Information and Communications Technology, Cybersecurity Research Laboratory reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000087.html",
      "sec:cpe": [
        {
          "#text": "cpe:/h:buffalo_inc:whr-1166dhp",
          "@product": "WHR-1166DHP",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:whr-300hp2",
          "@product": "WHR-300HP2",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:whr-600d",
          "@product": "WHR-600D",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:wmr-300",
          "@product": "WMR-300",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:buffalo_inc:wsr-600dhp",
          "@product": "WSR-600DHP",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wex-1166dhp",
          "@product": "WEX-1166DHP",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wex-1166dhp2",
          "@product": "WEX-1166DHP2",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wex-1166dhps",
          "@product": "WEX-1166DHPS",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wex-300hps%2Fn",
          "@product": "WEX-300HPS/N",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wex-300hptx%2Fn",
          "@product": "WEX-300HPTX/N",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wex-733dhp",
          "@product": "WEX-733DHP",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wex-733dhp2",
          "@product": "WEX-733DHP2",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wex-733dhps",
          "@product": "WEX-733DHPS",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wex-733dhptx",
          "@product": "WEX-733DHPTX",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:whr-1166dhp2",
          "@product": "WHR-1166DHP2",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:whr-1166dhp3",
          "@product": "WHR-1166DHP3",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:whr-1166dhp4",
          "@product": "WHR-1166DHP4",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:buffalo_inc:wsr-1166dhp3",
          "@product": "WSR-1166DHP3",
          "@vendor": "BUFFALO INC.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "7.2",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2024-000087",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN12824024/index.html",
          "@id": "JVN#12824024",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-44072",
          "@id": "CVE-2024-44072",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-78",
          "@title": "OS Command Injection(CWE-78)"
        }
      ],
      "title": "BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection"
    }