MEDIUM🇵🇱 Wersja polska

CVE-2024-26023

CVSS 4.2v3.1pub. 2024-04-15upd. 2025-06-30

OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
  • Buffalo Wcr 1166ds

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wcr 1166ds Firmware

    OS
    Buffalo
    < 1.33
  • Buffalo Wsr 1166dhp

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 1166dhp2

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 1166dhp2 Firmware

    OS
    Buffalo
    < 1.15
  • Buffalo Wsr 1166dhp Firmware

    OS
    Buffalo
    < 1.15
  • Buffalo Wsr 2533dhp

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 2533dhp2

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 2533dhp2 Firmware

    OS
    Buffalo
    < 1.11
  • Buffalo Wsr 2533dhp Firmware

    OS
    Buffalo
    < 1.07
  • Buffalo Wsr 2533dhpl

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 2533dhpl Firmware

    OS
    Buffalo
    < 1.07
  • Buffalo Wsr A2533dhp2

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr A2533dhp2 Firmware

    OS
    Buffalo
    < 1.11
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2024-23486CRITICAL9.8PL ✓ten sam produkt

Buffalo WSR-2533DHP — hasło przechowywane w postaci jawnej (plaintext)

CVE-2022-43443HIGH8.8ten sam produkt

OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute a...

CVE-2022-43466MEDIUM6.8ten sam produkt

OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an admin...

CVE-2022-43486MEDIUM6.8ten sam produkt

Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an admin...

CVE-2017-10811MEDIUM6.8ten sam produkt

Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands v...