Description

OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management page and sends a specially crafted request to the affected product from the product's specific management page, an arbitrary OS command may be executed.

INFO

Published Date :

2024-09-10T06:56:44.182Z

Last Modified :

2024-09-10T19:58:39.140Z

Source :

jpcert
AFFECTED PRODUCTS

The following products are affected by CVE-2024-44072 vulnerability.

Vendors Products
Buffalo Inc
  • Wex 1166dhp
  • Wex 1166dhp2
  • Wex 1166dhps
  • Wex 300hpsn
  • Wex 300hptxn
  • Wex 733dhp
  • Wex 733dhp2
  • Wex 733dhps
  • Wex 733hptx
  • Whr 1166dhp
  • Whr 1166dhp2
  • Whr 1166dhp3
  • Whr 1166dhp4
  • Whr 300hp2
  • Whr 600d
  • Wmr 300
  • Wsr 1166dhp3
  • Wsr 600dhp
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-44072.

URL Resource
https://jvn.jp/en/jp/JVN12824024/ cve-icon cve-icon
https://www.buffalo.jp/news/detail/20240719-01.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact