CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-2274

Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.7%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://buffalo.jp/support_s/s20170606.html
https://jvn.jp/en/jp/JVN48413726/index.html
http://buffalo.jp/support_s/s20170606.html
https://jvn.jp/en/jp/JVN48413726/index.html

Products affected by CVE-2017-2274

Buffalo » Wmr-433 » Version: N/A

cpe:2.3:h:buffalo:wmr-433:-
Buffalo » Wmr-433w » Version: N/A

cpe:2.3:h:buffalo:wmr-433w:-
Buffalo » Wmr-433 Firmware » Version: 1.02

cpe:2.3:o:buffalo:wmr-433_firmware:1.02
Buffalo » Wmr-433w Firmware » Version: 1.40

cpe:2.3:o:buffalo:wmr-433w_firmware:1.40

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-2274

Products

Pricing

Contact Us