Vulnerability Details CVE-2022-43466
OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.7%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2022-43466
-
cpe:2.3:h:buffalo:wex-1800ax4:-
-
cpe:2.3:h:buffalo:wex-1800ax4ea:-
-
cpe:2.3:h:buffalo:wsr-2533dhp2:-
-
cpe:2.3:h:buffalo:wsr-2533dhp3:-
-
cpe:2.3:h:buffalo:wsr-2533dhpl2:-
-
cpe:2.3:h:buffalo:wsr-2533dhpls:-
-
cpe:2.3:h:buffalo:wsr-3200ax4b:-
-
cpe:2.3:h:buffalo:wsr-3200ax4s:-
-
cpe:2.3:h:buffalo:wsr-a2533dhp2:-
-
cpe:2.3:h:buffalo:wsr-a2533dhp3:-
-
cpe:2.3:o:buffalo:wex-1800ax4_firmware:-
-
cpe:2.3:o:buffalo:wex-1800ax4_firmware:1.13
-
cpe:2.3:o:buffalo:wex-1800ax4ea_firmware:-
-
cpe:2.3:o:buffalo:wex-1800ax4ea_firmware:1.13
-
cpe:2.3:o:buffalo:wsr-2533dhp2_firmware:-
-
cpe:2.3:o:buffalo:wsr-2533dhp2_firmware:1.11
-
cpe:2.3:o:buffalo:wsr-2533dhp2_firmware:1.22
-
cpe:2.3:o:buffalo:wsr-2533dhp3_firmware:-
-
cpe:2.3:o:buffalo:wsr-2533dhp3_firmware:1.26
-
cpe:2.3:o:buffalo:wsr-2533dhpl2_firmware:-
-
cpe:2.3:o:buffalo:wsr-2533dhpl2_firmware:1.03
-
cpe:2.3:o:buffalo:wsr-2533dhpls_firmware:-
-
cpe:2.3:o:buffalo:wsr-2533dhpls_firmware:1.07
-
cpe:2.3:o:buffalo:wsr-3200ax4b_firmware:1.25
-
cpe:2.3:o:buffalo:wsr-3200ax4s_firmware:-
-
cpe:2.3:o:buffalo:wsr-3200ax4s_firmware:1.26
-
cpe:2.3:o:buffalo:wsr-a2533dhp2_firmware:-
-
cpe:2.3:o:buffalo:wsr-a2533dhp2_firmware:1.11
-
cpe:2.3:o:buffalo:wsr-a2533dhp2_firmware:1.22
-
cpe:2.3:o:buffalo:wsr-a2533dhp3_firmware:-
-
cpe:2.3:o:buffalo:wsr-a2533dhp3_firmware:1.26