Vulnerability Details CVE-2022-43443
OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.2%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2022-43443
-
cpe:2.3:h:buffalo:wcr-1166ds:-
-
cpe:2.3:h:buffalo:wsr-2533dhp2:-
-
cpe:2.3:h:buffalo:wsr-2533dhp3:-
-
cpe:2.3:h:buffalo:wsr-2533dhp:-
-
cpe:2.3:h:buffalo:wsr-2533dhpl2:-
-
cpe:2.3:h:buffalo:wsr-2533dhpl:-
-
cpe:2.3:h:buffalo:wsr-2533dhpls:-
-
cpe:2.3:h:buffalo:wsr-3200ax4b:-
-
cpe:2.3:h:buffalo:wsr-3200ax4s:-
-
cpe:2.3:h:buffalo:wsr-a2533dhp2:-
-
cpe:2.3:h:buffalo:wsr-a2533dhp3:-
-
cpe:2.3:o:buffalo:wcr-1166ds_firmware:1.30
-
cpe:2.3:o:buffalo:wcr-1166ds_firmware:1.33
-
cpe:2.3:o:buffalo:wsr-2533dhp2_firmware:-
-
cpe:2.3:o:buffalo:wsr-2533dhp2_firmware:1.11
-
cpe:2.3:o:buffalo:wsr-2533dhp2_firmware:1.22
-
cpe:2.3:o:buffalo:wsr-2533dhp3_firmware:-
-
cpe:2.3:o:buffalo:wsr-2533dhp3_firmware:1.26
-
cpe:2.3:o:buffalo:wsr-2533dhp_firmware:1.07
-
cpe:2.3:o:buffalo:wsr-2533dhpl2_firmware:-
-
cpe:2.3:o:buffalo:wsr-2533dhpl2_firmware:1.03
-
cpe:2.3:o:buffalo:wsr-2533dhpl_firmware:1.07
-
cpe:2.3:o:buffalo:wsr-2533dhpls_firmware:-
-
cpe:2.3:o:buffalo:wsr-2533dhpls_firmware:1.07
-
cpe:2.3:o:buffalo:wsr-3200ax4b_firmware:1.25
-
cpe:2.3:o:buffalo:wsr-3200ax4s_firmware:-
-
cpe:2.3:o:buffalo:wsr-3200ax4s_firmware:1.26
-
cpe:2.3:o:buffalo:wsr-a2533dhp2_firmware:-
-
cpe:2.3:o:buffalo:wsr-a2533dhp2_firmware:1.11
-
cpe:2.3:o:buffalo:wsr-a2533dhp2_firmware:1.22
-
cpe:2.3:o:buffalo:wsr-a2533dhp3_firmware:-
-
cpe:2.3:o:buffalo:wsr-a2533dhp3_firmware:1.26