Search criteria
5 vulnerabilities found for wzr-900dhp by buffalo
VAR-202210-0050
Vulnerability from variot - Updated: 2025-04-25 01:39Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WLI-TX4-AG300N firmware Ver. 1.53 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WZR2-G108 firmware Ver. 1.33 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, and WZR-HP-G450H firmware Ver. 1.90 and earlier. Multiple network devices provided by BUFFALO CORPORATION contain the following vulnerabilities. * Issue with enabling undocumented debugging features (CWE-912) - CVE-2022-39044 It was * Use hard-coded credentials (CWE-798) - CVE-2022-34840 It was * authentication bypass (CWE-288) - CVE-2022-40966 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. It was * A user logged into the product accesses the debug function and any OS command is executed - CVE-2022-39044 It was * The setting of the product is changed by a third party on an adjacent network - CVE-2022-34840 It was * A third party on an adjacent network circumvents authentication and accesses the product illegally - CVE-2022-40966. Buffalo firmware is a network device from the Japanese company Buffalo.
A security vulnerability exists in Buffalo Wi-Fi devices. Order. 1.90 and previous versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202210-0050",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "whr-300hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-ampg144nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.49"
},
{
"model": "wer-ag54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr2-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.55"
},
{
"model": "wcr-300",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.87"
},
{
"model": "whr-hp-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-hp-gn",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.87"
},
{
"model": "wzr-d1100h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-agl300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.55"
},
{
"model": "wlae-ag300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.86"
},
{
"model": "whr-g",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.49"
},
{
"model": "wer-am54g54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "ws024bf",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.60"
},
{
"model": "wzr-450hp-ub",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "fs-hp-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.33"
},
{
"model": "wli-h4-d600",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.88"
},
{
"model": "wzr-300hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-hp-g450h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.90"
},
{
"model": "whr-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.65"
},
{
"model": "dwr-hp-g300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.84"
},
{
"model": "bhr-4grv",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-amg54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "fs-600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.40"
},
{
"model": "whr-g54s-ni",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.24"
},
{
"model": "fs-r600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.40"
},
{
"model": "whr-am54g54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr-ampg300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.51"
},
{
"model": "ws024bf-nw",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.60"
},
{
"model": "whr-300",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-hp-ampg",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.49"
},
{
"model": "wli-tx4-ag300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.53"
},
{
"model": "wer-amg54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr-g144n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.48"
},
{
"model": "whr-g54s",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr-600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-hp-g302h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.86"
},
{
"model": "hw-450hp-zwe",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-hp-g54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr-600dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.15"
},
{
"model": "wzr-g144nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.48"
},
{
"model": "wzr-hp-g301nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.84"
},
{
"model": "wer-a54g54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "whr-ampg",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.52"
},
{
"model": "wzr-hp-ag300h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.76"
},
{
"model": "wpl-05g300",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.88"
},
{
"model": "wzr-450hp-cwt",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-hp-g",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.49"
},
{
"model": "whr-g301n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.87"
},
{
"model": "wzr-450hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "dwr-pg",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.83"
},
{
"model": "wzr2-g108",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.33"
},
{
"model": "wzr-hp-g300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.84"
},
{
"model": "wzr-900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.15"
},
{
"model": "fs-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.14"
},
{
"model": "whr-g54s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g301n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-ampg",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr2-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g302h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wlae-ag300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-ampg",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wrm-d2133hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "dwr-pg",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-g144nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "ws024bf",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wrm-d2133hs",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1900dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1900dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-am54g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-ag300h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-900dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-900dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wli-tx4-ag300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1750dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1166dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-g144n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr2-g108",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wtr-m2133hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "bhr-4grv",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1750dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-6000ax12s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-450hp-cwt",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g54s-ni",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-s600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "ws024bf-nw",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-ag54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "hw-450hp-zwe",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g450h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wem-1266",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wpl-05g300",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1750dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wtr-m2133hs",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-ampg300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-g",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-a54g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-am54g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-300",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "dwr-hp-g300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-agl300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-300hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-gn",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-ampg144nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-amg54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g301nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-hp-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1900dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-300hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-d1100h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-r600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-450hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wcr-300",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-s1750dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-600dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-5950ax12",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-s900dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-amg54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wli-h4-d600",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-450hp-ub",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wem-1266wp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1166dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1750dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-600dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-6000ax12b",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "buffalo",
"scope": null,
"trust": 0.6,
"vendor": "buffalo",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-73575"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "NVD",
"id": "CVE-2022-39044"
}
]
},
"cve": "CVE-2022-39044",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.2,
"id": "CNVD-2023-73575",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2022-39044",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2022-002444",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-39044",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2022-39044",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2022-002444",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2023-73575",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202210-123",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-73575"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-123"
},
{
"db": "NVD",
"id": "CVE-2022-39044"
},
{
"db": "NVD",
"id": "CVE-2022-39044"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WLI-TX4-AG300N firmware Ver. 1.53 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WZR2-G108 firmware Ver. 1.33 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, and WZR-HP-G450H firmware Ver. 1.90 and earlier. Multiple network devices provided by BUFFALO CORPORATION contain the following vulnerabilities. * Issue with enabling undocumented debugging features (CWE-912) - CVE-2022-39044 It was * Use hard-coded credentials (CWE-798) - CVE-2022-34840 It was * authentication bypass (CWE-288) - CVE-2022-40966 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. It was * A user logged into the product accesses the debug function and any OS command is executed - CVE-2022-39044 It was * The setting of the product is changed by a third party on an adjacent network - CVE-2022-34840 It was * A third party on an adjacent network circumvents authentication and accesses the product illegally - CVE-2022-40966. Buffalo firmware is a network device from the Japanese company Buffalo. \n\r\n\r\nA security vulnerability exists in Buffalo Wi-Fi devices. Order. 1.90 and previous versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-39044"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNVD",
"id": "CNVD-2023-73575"
},
{
"db": "VULMON",
"id": "CVE-2022-39044"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-39044",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVNVU92805279",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2023-73575",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202210-123",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-39044",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-73575"
},
{
"db": "VULMON",
"id": "CVE-2022-39044"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-123"
},
{
"db": "NVD",
"id": "CVE-2022-39044"
}
]
},
"id": "VAR-202210-0050",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-73575"
}
],
"trust": 0.9898170169230769
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-73575"
}
]
},
"last_update_date": "2025-04-25T01:39:38.206000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple vulnerabilities in some products such as routers and countermeasures",
"trust": 0.8,
"url": "https://www.buffalo.jp/news/detail/20221003-01.html"
},
{
"title": "Patch for Buffalo has an unidentified vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/385236"
},
{
"title": "Buffalo network devices Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=216694"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-73575"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-123"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "Unpublished features (CWE-912) [ others ]",
"trust": 0.8
},
{
"problemtype": " Use hard-coded credentials (CWE-798) [ others ]",
"trust": 0.8
},
{
"problemtype": " Authentication Bypass Using Alternate Paths or Channels (CWE-288) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "NVD",
"id": "CVE-2022-39044"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://jvn.jp/en/vu/jvnvu92805279/index.html"
},
{
"trust": 1.7,
"url": "https://www.buffalo.jp/news/detail/20221003-01.html"
},
{
"trust": 1.2,
"url": "https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-002444.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92805279/index.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-39044/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-73575"
},
{
"db": "VULMON",
"id": "CVE-2022-39044"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-123"
},
{
"db": "NVD",
"id": "CVE-2022-39044"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-73575"
},
{
"db": "VULMON",
"id": "CVE-2022-39044"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-123"
},
{
"db": "NVD",
"id": "CVE-2022-39044"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-73575"
},
{
"date": "2022-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-39044"
},
{
"date": "2022-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"date": "2022-10-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-123"
},
{
"date": "2022-12-07T10:15:11.023000",
"db": "NVD",
"id": "CVE-2022-39044"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-09-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-73575"
},
{
"date": "2022-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-39044"
},
{
"date": "2022-10-12T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-123"
},
{
"date": "2025-04-23T16:15:22.027000",
"db": "NVD",
"id": "CVE-2022-39044"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-123"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in Buffalo network equipment",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-123"
}
],
"trust": 0.6
}
}
VAR-202210-0049
Vulnerability from variot - Updated: 2025-04-25 01:39Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier. * Issue with enabling undocumented debugging features (CWE-912) - CVE-2022-39044 It was * Use hard-coded credentials (CWE-798) - CVE-2022-34840 It was * authentication bypass (CWE-288) - CVE-2022-40966 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. It was * A user logged into the product accesses the debug function and any OS command is executed - CVE-2022-39044 It was * The setting of the product is changed by a third party on an adjacent network - CVE-2022-34840 It was * A third party on an adjacent network circumvents authentication and accesses the product illegally - CVE-2022-40966. 2.19 and previous versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202210-0049",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "whr-300hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-s900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.19"
},
{
"model": "wzr-ampg144nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.49"
},
{
"model": "wtr-m2133hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.85"
},
{
"model": "wer-ag54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr-1166dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.18"
},
{
"model": "wzr2-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.55"
},
{
"model": "wzr-600dhp3",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.19"
},
{
"model": "wxr-1750dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.60"
},
{
"model": "wcr-300",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.87"
},
{
"model": "wxr-1900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.50"
},
{
"model": "wzr-900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.15"
},
{
"model": "wxr-1900dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.59"
},
{
"model": "whr-hp-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-hp-gn",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.87"
},
{
"model": "wxr-6000ax12s",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.40"
},
{
"model": "wzr-1166dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.18"
},
{
"model": "wxr-1900dhp3",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.63"
},
{
"model": "wzr-agl300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.55"
},
{
"model": "wzr-d1100h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wlae-ag300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.86"
},
{
"model": "whr-g",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.49"
},
{
"model": "wer-am54g54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "ws024bf",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.60"
},
{
"model": "wzr-450hp-ub",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-900dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.19"
},
{
"model": "fs-hp-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.33"
},
{
"model": "wem-1266",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.85"
},
{
"model": "wxr-6000ax12b",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.40"
},
{
"model": "wli-h4-d600",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.88"
},
{
"model": "wzr-300hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-hp-g450h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.90"
},
{
"model": "whr-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.65"
},
{
"model": "dwr-hp-g300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.84"
},
{
"model": "bhr-4grv",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-amg54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "fs-r600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.40"
},
{
"model": "wzr-1750dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.31"
},
{
"model": "whr-g54s-ni",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.24"
},
{
"model": "whr-am54g54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr-ampg300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.51"
},
{
"model": "ws024bf-nw",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.60"
},
{
"model": "whr-300",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-hp-ampg",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wer-amg54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr-g144n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.48"
},
{
"model": "whr-g54s",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr-600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-hp-g302h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.86"
},
{
"model": "hw-450hp-zwe",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wrm-d2133hs",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.96"
},
{
"model": "whr-hp-g54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "wzr-600dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.15"
},
{
"model": "wzr-g144nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.48"
},
{
"model": "wxr-1750dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.60"
},
{
"model": "wzr-s1750dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.32"
},
{
"model": "wxr-5950ax12",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.40"
},
{
"model": "wtr-m2133hs",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.96"
},
{
"model": "wzr-s600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.19"
},
{
"model": "wzr-hp-g301nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.84"
},
{
"model": "wer-a54g54",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.43"
},
{
"model": "whr-ampg",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.52"
},
{
"model": "wzr-1750dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.30"
},
{
"model": "wrm-d2133hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.85"
},
{
"model": "wzr-hp-ag300h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.76"
},
{
"model": "wpl-05g300",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.88"
},
{
"model": "wzr-450hp-cwt",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-hp-g",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.49"
},
{
"model": "whr-g301n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.87"
},
{
"model": "wzr-450hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "dwr-pg",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.83"
},
{
"model": "wem-1266wp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.85"
},
{
"model": "wzr-hp-g300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.84"
},
{
"model": "fs-600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.40"
},
{
"model": "fs-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.14"
},
{
"model": "whr-g54s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g301n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-ampg",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr2-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g302h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wlae-ag300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-ampg",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wrm-d2133hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "dwr-pg",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-g144nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "ws024bf",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wrm-d2133hs",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1900dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1900dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-am54g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-ag300h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-900dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-900dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wli-tx4-ag300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1750dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1166dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-g144n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr2-g108",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wtr-m2133hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "bhr-4grv",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1750dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-6000ax12s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-450hp-cwt",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g54s-ni",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-s600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "ws024bf-nw",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-ag54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "hw-450hp-zwe",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g450h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wem-1266",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wpl-05g300",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1750dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wtr-m2133hs",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-ampg300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-g",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-a54g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-am54g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-300",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "dwr-hp-g300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-agl300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-300hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-gn",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-ampg144nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-amg54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g301nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-hp-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1900dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-300hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-d1100h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-r600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-450hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wcr-300",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-s1750dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-600dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-5950ax12",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-s900dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-amg54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wli-h4-d600",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-450hp-ub",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wem-1266wp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1166dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1750dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-600dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-6000ax12b",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "NVD",
"id": "CVE-2022-40966"
}
]
},
"cve": "CVE-2022-40966",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-40966",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2022-002444",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-40966",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2022-40966",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2022-002444",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-2638",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2638"
},
{
"db": "NVD",
"id": "CVE-2022-40966"
},
{
"db": "NVD",
"id": "CVE-2022-40966"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier. * Issue with enabling undocumented debugging features (CWE-912) - CVE-2022-39044 It was * Use hard-coded credentials (CWE-798) - CVE-2022-34840 It was * authentication bypass (CWE-288) - CVE-2022-40966 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. It was * A user logged into the product accesses the debug function and any OS command is executed - CVE-2022-39044 It was * The setting of the product is changed by a third party on an adjacent network - CVE-2022-34840 It was * A third party on an adjacent network circumvents authentication and accesses the product illegally - CVE-2022-40966. 2.19 and previous versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-40966"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "VULMON",
"id": "CVE-2022-40966"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVNVU92805279",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2022-40966",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2638",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-40966",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-40966"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2638"
},
{
"db": "NVD",
"id": "CVE-2022-40966"
}
]
},
"id": "VAR-202210-0049",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38981701692307696
},
"last_update_date": "2025-04-25T01:39:38.178000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple vulnerabilities in some products such as routers and countermeasures",
"trust": 0.8,
"url": "https://www.buffalo.jp/news/detail/20221003-01.html"
},
{
"title": "Buffalo network devices Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=216674"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2638"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Unpublished features (CWE-912) [ others ]",
"trust": 0.8
},
{
"problemtype": " Use hard-coded credentials (CWE-798) [ others ]",
"trust": 0.8
},
{
"problemtype": " Authentication Bypass Using Alternate Paths or Channels (CWE-288) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "NVD",
"id": "CVE-2022-40966"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://jvn.jp/en/vu/jvnvu92805279/index.html"
},
{
"trust": 1.7,
"url": "https://www.buffalo.jp/news/detail/20221003-01.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92805279/index.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-40966/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-40966"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2638"
},
{
"db": "NVD",
"id": "CVE-2022-40966"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-40966"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2638"
},
{
"db": "NVD",
"id": "CVE-2022-40966"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-40966"
},
{
"date": "2022-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"date": "2022-12-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2638"
},
{
"date": "2022-12-07T10:15:11.073000",
"db": "NVD",
"id": "CVE-2022-40966"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-40966"
},
{
"date": "2022-10-12T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2638"
},
{
"date": "2025-04-23T16:15:25.130000",
"db": "NVD",
"id": "CVE-2022-40966"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2638"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in Buffalo network equipment",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2638"
}
],
"trust": 0.6
}
}
VAR-202210-0051
Vulnerability from variot - Updated: 2025-04-25 01:39Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, and WZR-D1100H firmware Ver. 2.00 and earlier. * Issue with enabling undocumented debugging features (CWE-912) - CVE-2022-39044 It was * Use hard-coded credentials (CWE-798) - CVE-2022-34840 It was * authentication bypass (CWE-288) - CVE-2022-40966 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. It was * A user logged into the product accesses the debug function and any OS command is executed - CVE-2022-39044 It was * The setting of the product is changed by a third party on an adjacent network - CVE-2022-34840 It was * A third party on an adjacent network circumvents authentication and accesses the product illegally - CVE-2022-40966. Buffalo firmware is a network device of Japan's Buffalo company. 2.00 and previous versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202210-0051",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wzr-600dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.15"
},
{
"model": "wzr-300hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-450hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.15"
},
{
"model": "hw-450hp-zwe",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-450hp-cwt",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-450hp-ub",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-d1100h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "wzr-600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.00"
},
{
"model": "whr-g54s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g301n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-ampg",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr2-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g302h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wlae-ag300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-ampg",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wrm-d2133hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "dwr-pg",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-g144nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "ws024bf",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wrm-d2133hs",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1900dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1900dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-am54g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-ag300h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-900dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-900dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wli-tx4-ag300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1750dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1166dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-g144n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr2-g108",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wtr-m2133hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "bhr-4grv",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1750dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-6000ax12s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-450hp-cwt",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g54s-ni",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-s600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "ws024bf-nw",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-g",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-ag54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "hw-450hp-zwe",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g450h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wem-1266",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wpl-05g300",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1750dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wtr-m2133hs",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-ampg300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-g",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-a54g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-am54g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-300",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "dwr-hp-g300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-agl300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-300hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-gn",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-ampg144nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wer-amg54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g301nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-hp-g300n",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1900dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-300hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-hp-g300nh",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-d1100h",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "fs-r600dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-450hp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wcr-300",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-s1750dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-600dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-5950ax12",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-s900dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-amg54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wli-h4-d600",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-450hp-ub",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wem-1266wp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "whr-hp-g54",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-1166dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-1750dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-600dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-6000ax12b",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wzr-300hp",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=2.00"
},
{
"model": "wzr-450hp",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=2.00"
},
{
"model": "wzr-600dhp",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=2.00"
},
{
"model": "wzr-900dhp",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=1.15"
},
{
"model": "hw-450hp-zwe",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=2.00"
},
{
"model": "wzr-450hp-cwt",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=2.00"
},
{
"model": "wzr-450hp-ub",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=2.00"
},
{
"model": "wzr-600dhp2",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=1.15"
},
{
"model": "wzr-d1100h",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=2.00"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87596"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "NVD",
"id": "CVE-2022-34840"
}
]
},
"cve": "CVE-2022-34840",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2022-87596",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2022-34840",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-002444",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-34840",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2022-34840",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2022-002444",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2022-87596",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202210-122",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87596"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-122"
},
{
"db": "NVD",
"id": "CVE-2022-34840"
},
{
"db": "NVD",
"id": "CVE-2022-34840"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, and WZR-D1100H firmware Ver. 2.00 and earlier. * Issue with enabling undocumented debugging features (CWE-912) - CVE-2022-39044 It was * Use hard-coded credentials (CWE-798) - CVE-2022-34840 It was * authentication bypass (CWE-288) - CVE-2022-40966 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. It was * A user logged into the product accesses the debug function and any OS command is executed - CVE-2022-39044 It was * The setting of the product is changed by a third party on an adjacent network - CVE-2022-34840 It was * A third party on an adjacent network circumvents authentication and accesses the product illegally - CVE-2022-40966. Buffalo firmware is a network device of Japan\u0027s Buffalo company. 2.00 and previous versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34840"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNVD",
"id": "CNVD-2022-87596"
},
{
"db": "VULMON",
"id": "CVE-2022-34840"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-34840",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVNVU92805279",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2022-87596",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202210-122",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-34840",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87596"
},
{
"db": "VULMON",
"id": "CVE-2022-34840"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-122"
},
{
"db": "NVD",
"id": "CVE-2022-34840"
}
]
},
"id": "VAR-202210-0051",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87596"
}
],
"trust": 0.9898170169230769
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87596"
}
]
},
"last_update_date": "2025-04-25T01:39:38.148000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple vulnerabilities in some products such as routers and countermeasures",
"trust": 0.8,
"url": "https://www.buffalo.jp/news/detail/20221003-01.html"
},
{
"title": "Patch for Buffalo Trust Management Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/370981"
},
{
"title": "Buffalo network devices Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=216693"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87596"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-122"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.0
},
{
"problemtype": "Unpublished features (CWE-912) [ others ]",
"trust": 0.8
},
{
"problemtype": " Use hard-coded credentials (CWE-798) [ others ]",
"trust": 0.8
},
{
"problemtype": " Authentication Bypass Using Alternate Paths or Channels (CWE-288) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "NVD",
"id": "CVE-2022-34840"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://jvn.jp/en/vu/jvnvu92805279/index.html"
},
{
"trust": 1.7,
"url": "https://www.buffalo.jp/news/detail/20221003-01.html"
},
{
"trust": 1.2,
"url": "https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-002444.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92805279/index.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-34840/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-87596"
},
{
"db": "VULMON",
"id": "CVE-2022-34840"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-122"
},
{
"db": "NVD",
"id": "CVE-2022-34840"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-87596"
},
{
"db": "VULMON",
"id": "CVE-2022-34840"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-122"
},
{
"db": "NVD",
"id": "CVE-2022-34840"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87596"
},
{
"date": "2022-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34840"
},
{
"date": "2022-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"date": "2022-10-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-122"
},
{
"date": "2022-12-07T10:15:10.303000",
"db": "NVD",
"id": "CVE-2022-34840"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-87596"
},
{
"date": "2022-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34840"
},
{
"date": "2022-10-12T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2022-002444"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-122"
},
{
"date": "2025-04-23T17:15:48.673000",
"db": "NVD",
"id": "CVE-2022-34840"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-122"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in Buffalo network equipment",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002444"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-122"
}
],
"trust": 0.6
}
}
VAR-201606-0175
Vulnerability from variot - Updated: 2025-04-13 23:29BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors. Multiple Buffalo wireless LAN routers contain an information disclosure vulnerability. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Information such as authentication credentials may be disclosed by an unauthenticated remote attacker. The Buffalo WZR-600DHP3 and WZR-S600DHP are both wireless router products of the Buffalo Group in Japan. A remote attacker can exploit this vulnerability to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0175",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wapm-apg300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.62"
},
{
"model": "wzr-600dhp3",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.16"
},
{
"model": "wzr-1750dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.28"
},
{
"model": "wzr-600dhp",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.97"
},
{
"model": "bhr-4grv",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.96"
},
{
"model": "whr-300",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.96"
},
{
"model": "fs-600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "3.34"
},
{
"model": "wzr-300hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.96"
},
{
"model": "wzr-1166dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.13"
},
{
"model": "wcr-300",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.86"
},
{
"model": "wzr-hp-g301nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.81"
},
{
"model": "wzr-450hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.97"
},
{
"model": "wzr-s900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.16"
},
{
"model": "wzr-hp-ag300h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.73"
},
{
"model": "wzr-900dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.16"
},
{
"model": "wzr-450hp-cwt",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.92"
},
{
"model": "wxr-1900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.34"
},
{
"model": "wzr-450hp-ub",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.96"
},
{
"model": "wzr-hp-g450h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.87"
},
{
"model": "wapm-ag300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.62"
},
{
"model": "wzr-s1750dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.28"
},
{
"model": "wzr-d1100h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.96"
},
{
"model": "wzr-s600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.16"
},
{
"model": "dwr-hp-g300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.81"
},
{
"model": "wpl-05g300",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.86"
},
{
"model": "whr-300hp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.96"
},
{
"model": "wzr-1750dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.28"
},
{
"model": "wzr-hp-g302h",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.83"
},
{
"model": "wzr-900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.11"
},
{
"model": "wxr-1750dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.42"
},
{
"model": "wzr-900dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.13"
},
{
"model": "whr-hp-g300n",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.96"
},
{
"model": "wzr-1166dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.13"
},
{
"model": "wzr-hp-g300nh",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.81"
},
{
"model": "hw-450hp-zwe",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.91"
},
{
"model": "wzr-600dhp3",
"scope": "lte",
"trust": 0.8,
"vendor": "buffalo",
"version": "ver.2.16"
},
{
"model": "wzr-s600dhp",
"scope": "lte",
"trust": 0.8,
"vendor": "buffalo",
"version": "ver.2.16"
},
{
"model": "wzr-600dhp3 \u003c=ver.2.16",
"scope": null,
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-s600dhp \u003c=ver.2.16",
"scope": null,
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-600dhp",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-450hp",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-hp-g301nh",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-600dhp3",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wxr-1750dhp",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-450hp-cwt",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "hw-450hp-zwe",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-900dhp2",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wcr-300",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-hp-g450h",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-674"
},
{
"db": "NVD",
"id": "CVE-2016-4816"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:buffalo_inc:wzr-600dhp3_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:buffalo_inc:wzr-s600dhp_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc.",
"sources": [
{
"db": "BID",
"id": "90905"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-674"
}
],
"trust": 0.9
},
"cve": "CVE-2016-4816",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-4816",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2016-000087",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-03694",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-93635",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-4816",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2016-000087",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4816",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2016-000087",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-03694",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-674",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-93635",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"db": "VULHUB",
"id": "VHN-93635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-674"
},
{
"db": "NVD",
"id": "CVE-2016-4816"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors. Multiple Buffalo wireless LAN routers contain an information disclosure vulnerability. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Information such as authentication credentials may be disclosed by an unauthenticated remote attacker. The Buffalo WZR-600DHP3 and WZR-S600DHP are both wireless router products of the Buffalo Group in Japan. A remote attacker can exploit this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4816"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"db": "BID",
"id": "90905"
},
{
"db": "VULHUB",
"id": "VHN-93635"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4816",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000087",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVN75813272",
"trust": 3.1
},
{
"db": "CNNVD",
"id": "CNNVD-201605-674",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-03694",
"trust": 0.6
},
{
"db": "BID",
"id": "90905",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-93635",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"db": "VULHUB",
"id": "VHN-93635"
},
{
"db": "BID",
"id": "90905"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-674"
},
{
"db": "NVD",
"id": "CVE-2016-4816"
}
]
},
"id": "VAR-201606-0175",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"db": "VULHUB",
"id": "VHN-93635"
}
],
"trust": 1.0713480954545453
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03694"
}
]
},
"last_update_date": "2025-04-13T23:29:29.650000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "BUFFALO INC. website",
"trust": 0.8,
"url": "http://buffalo.jp/support_s/s20160527a.html"
},
{
"title": "Patch for BuffaloWZR-600DHP3 and WZR-S600DHP Information Disclosure Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/76685"
},
{
"title": "Buffalo WZR-600DHP3 and WZR-S600DHP Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61984"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-674"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"db": "NVD",
"id": "CVE-2016-4816"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://jvn.jp/en/jp/jvn75813272/index.html"
},
{
"trust": 2.3,
"url": "http://jvndb.jvn.jp/jvndb/jvndb-2016-000087"
},
{
"trust": 1.7,
"url": "http://buffalo.jp/support_s/s20160527a.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4816"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4816"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"db": "VULHUB",
"id": "VHN-93635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-674"
},
{
"db": "NVD",
"id": "CVE-2016-4816"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"db": "VULHUB",
"id": "VHN-93635"
},
{
"db": "BID",
"id": "90905"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-674"
},
{
"db": "NVD",
"id": "CVE-2016-4816"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"date": "2016-06-19T00:00:00",
"db": "VULHUB",
"id": "VHN-93635"
},
{
"date": "2016-05-27T00:00:00",
"db": "BID",
"id": "90905"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"date": "2016-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-674"
},
{
"date": "2016-06-19T01:59:11.043000",
"db": "NVD",
"id": "CVE-2016-4816"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03694"
},
{
"date": "2016-06-21T00:00:00",
"db": "VULHUB",
"id": "VHN-93635"
},
{
"date": "2016-05-27T00:00:00",
"db": "BID",
"id": "90905"
},
{
"date": "2016-06-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-000087"
},
{
"date": "2016-06-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-674"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-4816"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-674"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Buffalo wireless LAN routers vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-000087"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-674"
}
],
"trust": 0.6
}
}
VAR-201606-0174
Vulnerability from variot - Updated: 2025-04-13 23:09Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors. Multiple wireless LAN routers provided by BUFFALO INC. contain a directory traversal vulnerability (CWE-22). Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Arbitrary files on the server may be viewed by an attacker who can access the product. An attacker could exploit this vulnerability to read any file on the server. Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve arbitrary files from the affected system in the context of the application. Information obtained could aid in further attacks. The following versions are affected: WZR-S600DHP firmware version 2.16 and prior. WZR-600DHP3 firmware version 2.16 and prior
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0174",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wzr-600dhp3",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.16"
},
{
"model": "wzr-s900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.16"
},
{
"model": "wzr-900dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.11"
},
{
"model": "wzr-600dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.13"
},
{
"model": "wzr-900dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.16"
},
{
"model": "wzr-s600dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "2.16"
},
{
"model": "wzr-600dhp3",
"scope": "lte",
"trust": 0.8,
"vendor": "buffalo",
"version": "ver.2.16"
},
{
"model": "wzr-s600dhp",
"scope": "lte",
"trust": 0.8,
"vendor": "buffalo",
"version": "ver.2.16"
},
{
"model": "wzr-600dhp3 \u003c=ver.2.16",
"scope": null,
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-s600dhp \u003c=ver.2.16",
"scope": null,
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-900dhp",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-s600dhp",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-600dhp3",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-900dhp2",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-600dhp2",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
},
{
"model": "wzr-s900dhp",
"scope": "eq",
"trust": 0.6,
"vendor": "buffalo",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-675"
},
{
"db": "NVD",
"id": "CVE-2016-4815"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:buffalo_inc:wzr-600dhp3_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:buffalo_inc:wzr-s600dhp_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc.",
"sources": [
{
"db": "BID",
"id": "90903"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-675"
}
],
"trust": 0.9
},
"cve": "CVE-2016-4815",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-4815",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2016-000086",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-03693",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-93634",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-4815",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2016-000086",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4815",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2016-000086",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-03693",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-675",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-93634",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"db": "VULHUB",
"id": "VHN-93634"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-675"
},
{
"db": "NVD",
"id": "CVE-2016-4815"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors. Multiple wireless LAN routers provided by BUFFALO INC. contain a directory traversal vulnerability (CWE-22). Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Arbitrary files on the server may be viewed by an attacker who can access the product. An attacker could exploit this vulnerability to read any file on the server. \nRemote attackers may use a specially crafted request with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files from the affected system in the context of the application. Information obtained could aid in further attacks. \nThe following versions are affected:\nWZR-S600DHP firmware version 2.16 and prior. \nWZR-600DHP3 firmware version 2.16 and prior",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4815"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"db": "BID",
"id": "90903"
},
{
"db": "VULHUB",
"id": "VHN-93634"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4815",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000086",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVN81698369",
"trust": 3.1
},
{
"db": "CNNVD",
"id": "CNNVD-201605-675",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-03693",
"trust": 0.6
},
{
"db": "BID",
"id": "90903",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-93634",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"db": "VULHUB",
"id": "VHN-93634"
},
{
"db": "BID",
"id": "90903"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-675"
},
{
"db": "NVD",
"id": "CVE-2016-4815"
}
]
},
"id": "VAR-201606-0174",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"db": "VULHUB",
"id": "VHN-93634"
}
],
"trust": 1.1614087325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03693"
}
]
},
"last_update_date": "2025-04-13T23:09:34.964000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "BUFFALO INC. website",
"trust": 0.8,
"url": "http://buffalo.jp/support_s/s20160527b.html"
},
{
"title": "BuffaloWZR-S600DHP and WZR-600DHP3 Directory Traversal Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/76686"
},
{
"title": "Buffalo WZR-S600DHP and WZR-600DHP3 Fixes for directory traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61985"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-675"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93634"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"db": "NVD",
"id": "CVE-2016-4815"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://jvn.jp/en/jp/jvn81698369/index.html"
},
{
"trust": 2.3,
"url": "http://jvndb.jvn.jp/jvndb/jvndb-2016-000086"
},
{
"trust": 1.7,
"url": "http://buffalo.jp/support_s/s20160527b.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4815"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4815"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"db": "VULHUB",
"id": "VHN-93634"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-675"
},
{
"db": "NVD",
"id": "CVE-2016-4815"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"db": "VULHUB",
"id": "VHN-93634"
},
{
"db": "BID",
"id": "90903"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-675"
},
{
"db": "NVD",
"id": "CVE-2016-4815"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"date": "2016-06-19T00:00:00",
"db": "VULHUB",
"id": "VHN-93634"
},
{
"date": "2016-05-27T00:00:00",
"db": "BID",
"id": "90903"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"date": "2016-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-675"
},
{
"date": "2016-06-19T01:59:10.030000",
"db": "NVD",
"id": "CVE-2016-4815"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03693"
},
{
"date": "2016-06-21T00:00:00",
"db": "VULHUB",
"id": "VHN-93634"
},
{
"date": "2016-05-27T00:00:00",
"db": "BID",
"id": "90903"
},
{
"date": "2016-06-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-000086"
},
{
"date": "2016-06-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-675"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-4815"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-675"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Buffalo wireless LAN routers vulnerable to directory traversal",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-000086"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-675"
}
],
"trust": 0.6
}
}