Search criteria
3 vulnerabilities found for wcr-1166ds by buffalo
VAR-202212-0948
Vulnerability from variot - Updated: 2024-02-15 22:56Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices. Multiple network devices provided by BUFFALO CORPORATION contain the following vulnerabilities. * OS Command injection (CWE-78) - CVE-2022-43466 It was * OS Command injection (CWE-78) - CVE-2022-43443 It was * Issue with enabling undocumented debugging features (CWE-912) - CVE-2022-43486 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party who can log into the management screen of the device may CGI When a specially crafted request is sent to a program, arbitrary commands are executed when a specific management screen is opened. - CVE-2022-43466 It was * Arbitrary commands are executed when a specially crafted request is sent to the management screen by a third party who has access to the device. - CVE-2022-43443 It was * A third party who can log in to the management screen of the device illegally activates the debugging function and executes arbitrary commands. - CVE-2022-43486. 1.26 and previous versions, WSR-3200AX4B firmware Ver. 1.25, WSR-2533DHP firmware Ver. 1.08 and previous versions, WSR-2533DHP2 firmware Ver. 1.22 and previous versions, WSR-A2533DHP2 firmware Ver. 1.22 and previous versions, WSR-2533DHP3 firmware Ver. 1.26 and previous versions, WSR-A2533DHP3 firmware Ver. 1.26 and previous versions, WSR-2533DHPL firmware Ver. 1.08 and previous versions, WSR-2533DHPL2 firmware Ver. 1.03 and previous versions, WSR-2533DHPLS firmware Ver. 1.07 and previous versions, WCR-1166DS firmware Ver. 1.34 and previous versions, WEX-1800AX4 firmware Ver. 1.13 and previous versions, and WEX-1800AX4EA firmware Ver
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-0948",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wsr-3200ax4s",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.26"
},
{
"model": "wsr-a2533dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.22"
},
{
"model": "wsr-2533dhpls",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.07"
},
{
"model": "wsr-2533dhp3",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.26"
},
{
"model": "wsr-2533dhpl",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.08"
},
{
"model": "wsr-a2533dhp3",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.26"
},
{
"model": "wex-1800ax4",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.13"
},
{
"model": "wsr-2533dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.08"
},
{
"model": "wex-1800ax4ea",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.13"
},
{
"model": "wsr-2533dhpl2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.03"
},
{
"model": "wcr-1166ds",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.34"
},
{
"model": "wsr-2533dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.22"
},
{
"model": "wsr-3200ax4b",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.25"
},
{
"model": "wsr-2533dhpl2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhplb",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhpl",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-5700ax7b",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-a2533dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhpls",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-3200ax4b",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wcr-1166ds",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wex-1800ax4ea",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wex-1800ax4",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-5700ax7s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-3200ax4s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-a2533dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-1166dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-11000xe12",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "NVD",
"id": "CVE-2022-43486"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-3200ax4s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-3200ax4s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-3200ax4b_firmware:1.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-3200ax4b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhp2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhp2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-a2533dhp2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-a2533dhp2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhp3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhp3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-a2533dhp3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-a2533dhp3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhpl2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.03",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhpl2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhpls_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.07",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhpls:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wex-1800ax4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.13",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wex-1800ax4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wex-1800ax4ea_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.13",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wex-1800ax4ea:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhpl_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhpl:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wcr-1166ds_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.34",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wcr-1166ds:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-43486"
}
]
},
"cve": "CVE-2022-43486",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2022-002775",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-43486",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2022-002775",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-2828",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2828"
},
{
"db": "NVD",
"id": "CVE-2022-43486"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices. Multiple network devices provided by BUFFALO CORPORATION contain the following vulnerabilities. * OS Command injection (CWE-78) - CVE-2022-43466 It was * OS Command injection (CWE-78) - CVE-2022-43443 It was * Issue with enabling undocumented debugging features (CWE-912) - CVE-2022-43486 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party who can log into the management screen of the device may CGI When a specially crafted request is sent to a program, arbitrary commands are executed when a specific management screen is opened. - CVE-2022-43466 It was * Arbitrary commands are executed when a specially crafted request is sent to the management screen by a third party who has access to the device. - CVE-2022-43443 It was * A third party who can log in to the management screen of the device illegally activates the debugging function and executes arbitrary commands. - CVE-2022-43486. 1.26 and previous versions, WSR-3200AX4B firmware Ver. 1.25, WSR-2533DHP firmware Ver. 1.08 and previous versions, WSR-2533DHP2 firmware Ver. 1.22 and previous versions, WSR-A2533DHP2 firmware Ver. 1.22 and previous versions, WSR-2533DHP3 firmware Ver. 1.26 and previous versions, WSR-A2533DHP3 firmware Ver. 1.26 and previous versions, WSR-2533DHPL firmware Ver. 1.08 and previous versions, WSR-2533DHPL2 firmware Ver. 1.03 and previous versions, WSR-2533DHPLS firmware Ver. 1.07 and previous versions, WCR-1166DS firmware Ver. 1.34 and previous versions, WEX-1800AX4 firmware Ver. 1.13 and previous versions, and WEX-1800AX4EA firmware Ver",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-43486"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "VULMON",
"id": "CVE-2022-43486"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVNVU97099584",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2022-43486",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775",
"trust": 1.4
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2828",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-43486",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-43486"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2828"
},
{
"db": "NVD",
"id": "CVE-2022-43486"
}
]
},
"id": "VAR-202212-0948",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.7416666666666667
},
"last_update_date": "2024-02-15T22:56:53.056000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Buffalo Co., Ltd. \u00a0 announcement page",
"trust": 0.8,
"url": "https://www.buffalo.jp/news/detail/20221205-01.html"
},
{
"title": "Buffalo network devices Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=218326"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2828"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
},
{
"problemtype": " Unpublished features (CWE-912) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "NVD",
"id": "CVE-2022-43486"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "https://jvn.jp/en/vu/jvnvu97099584/"
},
{
"trust": 1.0,
"url": "https://www.buffalo.jp/news/detail/20240131-01.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97099584/index.html"
},
{
"trust": 0.7,
"url": "https://jvn.jp/en/vu/jvnvu97099584/index.html"
},
{
"trust": 0.7,
"url": "https://www.buffalo.jp/news/detail/20221205-01.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-43486/"
},
{
"trust": 0.6,
"url": "https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-002775.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-43486"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2828"
},
{
"db": "NVD",
"id": "CVE-2022-43486"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-43486"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2828"
},
{
"db": "NVD",
"id": "CVE-2022-43486"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-19T00:00:00",
"db": "VULMON",
"id": "CVE-2022-43486"
},
{
"date": "2022-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"date": "2022-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2828"
},
{
"date": "2022-12-19T03:15:10.633000",
"db": "NVD",
"id": "CVE-2022-43486"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-19T00:00:00",
"db": "VULMON",
"id": "CVE-2022-43486"
},
{
"date": "2024-02-14T06:39:00",
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"date": "2022-12-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2828"
},
{
"date": "2024-02-14T07:15:09.107000",
"db": "NVD",
"id": "CVE-2022-43486"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2828"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in Buffalo network equipment",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2828"
}
],
"trust": 0.6
}
}
VAR-202212-0949
Vulnerability from variot - Updated: 2024-02-15 22:56OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page. Multiple network devices provided by BUFFALO CORPORATION contain the following vulnerabilities. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. - CVE-2022-43443 It was * A third party who can log in to the management screen of the device illegally activates the debugging function and executes arbitrary commands. - CVE-2022-43486. Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and previous versions, WSR-3200AX4B firmware Ver. 1.25, WSR-2533DHP firmware Ver. 1.08 and previous versions, WSR-2533DHP2 firmware Ver. 1.22 and previous versions, WSR-A2533DHP2 firmware Ver. 1.22 and previous versions, WSR-2533DHP3 firmware Ver. 1.26 and previous versions, WSR-A2533DHP3 firmware Ver. 1.26 and previous versions, WSR-2533DHPL firmware Ver. 1.08 and previous versions, WSR-2533DHPL2 firmware Ver. 1.03 and previous versions, WSR-2533DHPLS firmware Ver. 1.07 and previous versions, and WCR-1166DS firmware Ver
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-0949",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wsr-3200ax4s",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.26"
},
{
"model": "wsr-a2533dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.22"
},
{
"model": "wsr-2533dhpls",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.07"
},
{
"model": "wsr-2533dhp3",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.26"
},
{
"model": "wsr-2533dhpl",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.08"
},
{
"model": "wsr-a2533dhp3",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.26"
},
{
"model": "wsr-2533dhp",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.08"
},
{
"model": "wsr-2533dhpl2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.03"
},
{
"model": "wcr-1166ds",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.34"
},
{
"model": "wsr-2533dhp2",
"scope": "lte",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.22"
},
{
"model": "wsr-3200ax4b",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalo",
"version": "1.25"
},
{
"model": "wsr-2533dhpl2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhplb",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhpl",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-5700ax7b",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-a2533dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhpls",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-3200ax4b",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wcr-1166ds",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wex-1800ax4ea",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhp",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wex-1800ax4",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-5700ax7s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-3200ax4s",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-a2533dhp3",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-1166dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wxr-11000xe12",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
},
{
"model": "wsr-2533dhp2",
"scope": null,
"trust": 0.8,
"vendor": "\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "NVD",
"id": "CVE-2022-43443"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-3200ax4s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-3200ax4s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-3200ax4b_firmware:1.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-3200ax4b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhp2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhp2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-a2533dhp2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-a2533dhp2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhp3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhp3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-a2533dhp3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.26",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-a2533dhp3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhpl2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.03",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhpl2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhpls_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.07",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhpls:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhpl_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhpl:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wcr-1166ds_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.34",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wcr-1166ds:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-43443"
}
]
},
"cve": "CVE-2022-43443",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "Low",
"baseScore": 6.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2022-002775",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-43443",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2022-002775",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-2829",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2829"
},
{
"db": "NVD",
"id": "CVE-2022-43443"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page. Multiple network devices provided by BUFFALO CORPORATION contain the following vulnerabilities. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. - CVE-2022-43443 It was * A third party who can log in to the management screen of the device illegally activates the debugging function and executes arbitrary commands. - CVE-2022-43486. Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and previous versions, WSR-3200AX4B firmware Ver. 1.25, WSR-2533DHP firmware Ver. 1.08 and previous versions, WSR-2533DHP2 firmware Ver. 1.22 and previous versions, WSR-A2533DHP2 firmware Ver. 1.22 and previous versions, WSR-2533DHP3 firmware Ver. 1.26 and previous versions, WSR-A2533DHP3 firmware Ver. 1.26 and previous versions, WSR-2533DHPL firmware Ver. 1.08 and previous versions, WSR-2533DHPL2 firmware Ver. 1.03 and previous versions, WSR-2533DHPLS firmware Ver. 1.07 and previous versions, and WCR-1166DS firmware Ver",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-43443"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "VULMON",
"id": "CVE-2022-43443"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVNVU97099584",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2022-43443",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775",
"trust": 1.4
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2829",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-43443",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-43443"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2829"
},
{
"db": "NVD",
"id": "CVE-2022-43443"
}
]
},
"id": "VAR-202212-0949",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.7416666666666667
},
"last_update_date": "2024-02-15T22:56:53.105000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Buffalo Co., Ltd. \u00a0 announcement page",
"trust": 0.8,
"url": "https://www.buffalo.jp/news/detail/20221205-01.html"
},
{
"title": "Buffalo network devices Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=219178"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2829"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
},
{
"problemtype": " Unpublished features (CWE-912) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "NVD",
"id": "CVE-2022-43443"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "https://jvn.jp/en/vu/jvnvu97099584/"
},
{
"trust": 1.0,
"url": "https://www.buffalo.jp/news/detail/20240131-01.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97099584/index.html"
},
{
"trust": 0.7,
"url": "https://jvn.jp/en/vu/jvnvu97099584/index.html"
},
{
"trust": 0.7,
"url": "https://www.buffalo.jp/news/detail/20221205-01.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-43443/"
},
{
"trust": 0.6,
"url": "https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-002775.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-43443"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2829"
},
{
"db": "NVD",
"id": "CVE-2022-43443"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-43443"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-2829"
},
{
"db": "NVD",
"id": "CVE-2022-43443"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-19T00:00:00",
"db": "VULMON",
"id": "CVE-2022-43443"
},
{
"date": "2022-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"date": "2022-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2829"
},
{
"date": "2022-12-19T03:15:10.517000",
"db": "NVD",
"id": "CVE-2022-43443"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-19T00:00:00",
"db": "VULMON",
"id": "CVE-2022-43443"
},
{
"date": "2024-02-14T06:39:00",
"db": "JVNDB",
"id": "JVNDB-2022-002775"
},
{
"date": "2022-12-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-2829"
},
{
"date": "2024-02-14T07:15:08.110000",
"db": "NVD",
"id": "CVE-2022-43443"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2829"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in Buffalo network equipment",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002775"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-2829"
}
],
"trust": 0.6
}
}
VAR-201708-0364
Vulnerability from variot - Updated: 2023-12-18 13:48Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors. WCR-1166DS provided by BUFFALO INC.is a wireless LAN router. WCR-1166DS contains an OS command injection vulnerability (CWE-78). Masashi Shiraishi of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A user who can access the administrative console of the device may execute an arbitrary OS command. Buffalo WCR-1166DS with firmware version 1.30 and earlier has a security vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-0364",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wcr-1166ds",
"scope": "eq",
"trust": 1.6,
"vendor": "buffalo",
"version": "1.30"
},
{
"model": "wcr-1166ds",
"scope": "lte",
"trust": 0.8,
"vendor": "buffalo",
"version": "firmware 1.30"
},
{
"model": "wcr-1166ds",
"scope": "lte",
"trust": 0.6,
"vendor": "buffalo",
"version": "\u003c=1.30"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"db": "NVD",
"id": "CVE-2017-10811"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:buffalo:wcr-1166ds_firmware:1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:buffalo:wcr-1166ds:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-10811"
}
]
},
"cve": "CVE-2017-10811",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-000192",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2017-27316",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "VHN-101171",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-000192",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-10811",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2017-000192",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-27316",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-980",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-101171",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"db": "VULHUB",
"id": "VHN-101171"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"db": "NVD",
"id": "CVE-2017-10811"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors. WCR-1166DS provided by BUFFALO INC.is a wireless LAN router. WCR-1166DS contains an OS command injection vulnerability (CWE-78). Masashi Shiraishi of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A user who can access the administrative console of the device may execute an arbitrary OS command. Buffalo WCR-1166DS with firmware version 1.30 and earlier has a security vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-10811"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"db": "VULHUB",
"id": "VHN-101171"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVN05340005",
"trust": 3.1
},
{
"db": "NVD",
"id": "CVE-2017-10811",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000192",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-980",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-27316",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-101171",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"db": "VULHUB",
"id": "VHN-101171"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"db": "NVD",
"id": "CVE-2017-10811"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
]
},
"id": "VAR-201708-0364",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"db": "VULHUB",
"id": "VHN-101171"
}
],
"trust": 1.325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-27316"
}
]
},
"last_update_date": "2023-12-18T13:48:31.446000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "BUFFALO INC. website",
"trust": 0.8,
"url": "http://buffalo.jp/support_s/s20170804_1.html"
},
{
"title": "Patch for WCR-1166DSOS Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/99783"
},
{
"title": "Buffalo WCR-1166DS Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74234"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-101171"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"db": "NVD",
"id": "CVE-2017-10811"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://jvn.jp/en/jp/jvn05340005/index.html"
},
{
"trust": 1.7,
"url": "http://buffalo.jp/support_s/s20170804_1.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10811"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-10811"
},
{
"trust": 0.6,
"url": "http://jvn.jp/en/jp/jvn05340005/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"db": "VULHUB",
"id": "VHN-101171"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"db": "NVD",
"id": "CVE-2017-10811"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"db": "VULHUB",
"id": "VHN-101171"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"db": "NVD",
"id": "CVE-2017-10811"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"date": "2017-08-18T00:00:00",
"db": "VULHUB",
"id": "VHN-101171"
},
{
"date": "2017-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"date": "2017-08-18T13:29:00.203000",
"db": "NVD",
"id": "CVE-2017-10811"
},
{
"date": "2017-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-27316"
},
{
"date": "2017-08-25T00:00:00",
"db": "VULHUB",
"id": "VHN-101171"
},
{
"date": "2018-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-000192"
},
{
"date": "2017-08-25T12:27:35.447000",
"db": "NVD",
"id": "CVE-2017-10811"
},
{
"date": "2017-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WCR-1166DS vulnerable to OS command injection",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-000192"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-980"
}
],
"trust": 0.6
}
}