Buffalo: >> Vr-S1000 Firmware >> 2.37 Security Vulnerabilities
VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-12-26
VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands.
CVSS Score
6.8
EPSS Score
0.001
Published
2023-12-26
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-12-26
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user.
CVSS Score
4.6
EPSS Score
0.001
Published
2023-12-26