cbcvebase.

Buffalo Wsr-2533Dhp2 Firmware vulnerabilities

5 known vulnerabilities affecting buffalo/wsr-2533dhp2_firmware.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2024-23486P2CRITICALCVSS 9.8fixed in 1.112024-04-15
CVE-2024-23486 [CRITICAL] CWE-256 CVE-2024-23486: Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a netw Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials.
nvd
CVE-2022-43443P3HIGHCVSS 8.8≤ 1.222022-12-19
CVE-2022-43443 [HIGH] CWE-78 CVE-2022-43443: OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page.
nvd
CVE-2022-43466P3MEDIUMCVSS 6.8≤ 1.222022-12-19
CVE-2022-43466 [MEDIUM] CWE-78 CVE-2022-43466: OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker wit OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program.
nvd
CVE-2022-43486P3MEDIUMCVSS 6.8≤ 1.222022-12-19
CVE-2022-43486 [MEDIUM] CWE-94 CVE-2022-43486: Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker wit Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices.
nvd
CVE-2024-26023P4MEDIUMCVSS 4.2fixed in 1.112024-04-15
CVE-2024-26023 [MEDIUM] CWE-78 CVE-2024-26023: OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execut OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.
nvd
Buffalo Wsr-2533Dhp2 Firmware vulnerabilities | cvebase