Shodan
Vulnerabilities
Vulnerable Software
Buffalo:  Security Vulnerabilities
CVE-2018-13323
Cross-site scripting in detail.html in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute JavaScript via the "username" cookie.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-11-26
CVE-2018-13324
Incorrect access control in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to bypass authentication by sending a modified HTTP Host header.
CVSS Score
9.8
EPSS Score
0.01
Published
2018-11-26
CVE-2018-0554
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-04-09
CVE-2018-0555
Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file.
CVSS Score
7.8
EPSS Score
0.005
Published
2018-04-09
CVE-2018-0556
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-04-09
CVE-2018-0521
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-03-09
CVE-2018-0522
Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary code via a specially crafted file.
CVSS Score
7.8
EPSS Score
0.009
Published
2018-03-09
CVE-2018-0523
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-03-09
CVE-2017-10896
Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-12-08
CVE-2017-10897
Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors.
CVSS Score
4.5
EPSS Score
0.001
Published
2017-12-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved