← voltar
CVE-2022-43466

CVE-2022-43466

CVSS 6.8 MEDIUMEPSS 0.8%CWE-78
OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program.
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
BUFFALO INC. · WEX-1800AX4BUFFALO INC. · WEX-1800AX4EABUFFALO INC. · WSR-2533DHP2BUFFALO INC. · WSR-2533DHP3BUFFALO INC. · WSR-2533DHPL2BUFFALO INC. · WSR-2533DHPLBBUFFALO INC. · WSR-2533DHPLSBUFFALO INC. · WSR-3200AX4BBUFFALO INC. · WSR-3200AX4SBUFFALO INC. · WSR-A2533DHP2BUFFALO INC. · WSR-A2533DHP3BUFFALO INC. · WXR-5700AX7BBUFFALO INC. · WXR-5700AX7S

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://jvn.jp/en/vu/JVNVU97099584/https://www.buffalo.jp/news/detail/20240131-01.html