Shodan
Vulnerabilities
Vulnerable Software
Buffalo:  Security Vulnerabilities
CVE-2018-0521
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-03-09
CVE-2018-0522
Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary code via a specially crafted file.
CVSS Score
7.8
EPSS Score
0.009
Published
2018-03-09
CVE-2018-0523
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-03-09
CVE-2017-10896
Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-12-08
CVE-2017-10897
Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors.
CVSS Score
4.5
EPSS Score
0.001
Published
2017-12-08
CVE-2017-10811
Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.002
Published
2017-08-18
CVE-2017-2126
WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.135
Published
2017-07-22
CVE-2017-2273
Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-07-22
CVE-2017-2274
Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-07-22
CVE-2016-4816
BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.004
Published
2016-06-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved