All the vulnerabilites related to BUFFALO INC. - BHR-4GRV2
jvndb-2015-000085
Vulnerability from jvndb
Published
2015-06-05 14:16
Modified
2015-06-10 17:54
Summary
Multiple Buffalo wireless LAN routers vulnerable to OS command injection
Details
Multiple wireless LAN routers provided by BUFFALO INC. contain an OS command injection vulnerability.
Masashi Sakai, Satoshi Ogawa reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000085.html", "dc:date": "2015-06-10T17:54+09:00", "dcterms:issued": "2015-06-05T14:16+09:00", "dcterms:modified": "2015-06-10T17:54+09:00", "description": "Multiple wireless LAN routers provided by BUFFALO INC. contain an OS command injection vulnerability.\r\n\r\nMasashi Sakai, Satoshi Ogawa reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.", "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000085.html", "sec:cpe": [ { "#text": "cpe:/h:buffalo_inc:bhr-4grv2", "@product": "BHR-4GRV2", "@vendor": "BUFFALO INC.", "@version": "2.2" }, { "#text": "cpe:/h:buffalo_inc:wex-300", "@product": "WEX-300", "@vendor": "BUFFALO INC.", "@version": "2.2" }, { "#text": "cpe:/h:buffalo_inc:whr-1166dhp", "@product": "WHR-1166DHP", "@vendor": "BUFFALO INC.", "@version": "2.2" }, { "#text": "cpe:/h:buffalo_inc:whr-300hp2", "@product": "WHR-300HP2", "@vendor": "BUFFALO INC.", "@version": "2.2" }, { "#text": "cpe:/h:buffalo_inc:whr-600d", "@product": "WHR-600D", "@vendor": "BUFFALO INC.", "@version": "2.2" }, { "#text": "cpe:/h:buffalo_inc:wmr-300", "@product": "WMR-300", "@vendor": "BUFFALO INC.", "@version": "2.2" }, { "#text": "cpe:/h:buffalo_inc:wsr-600dhp", "@product": "WSR-600DHP", "@vendor": "BUFFALO INC.", "@version": "2.2" } ], "sec:cvss": { "@score": "5.2", "@severity": "Medium", "@type": "Base", "@vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2015-000085", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN50447904/index.html", "@id": "JVN#50447904", "@source": "JVN" }, { "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9284", "@id": "CVE-2014-9284", "@source": "CVE" }, { "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9284", "@id": "CVE-2014-9284", "@source": "NVD" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-78", "@title": "OS Command Injection(CWE-78)" } ], "title": "Multiple Buffalo wireless LAN routers vulnerable to OS command injection" }