Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-51363 | 1 Buffalo | 2 Vr-s1000, Vr-s1000 Firmware | 2024-02-20 | N/A | 6.5 MEDIUM |
| VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information. | |||||
| CVE-2023-46681 | 1 Buffalo | 2 Vr-s1000, Vr-s1000 Firmware | 2024-01-04 | N/A | 7.8 HIGH |
| Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command. | |||||
| CVE-2023-46711 | 1 Buffalo | 2 Vr-s1000, Vr-s1000 Firmware | 2024-01-04 | N/A | 4.6 MEDIUM |
| VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user. | |||||
| CVE-2023-45741 | 1 Buffalo | 2 Vr-s1000, Vr-s1000 Firmware | 2024-01-04 | N/A | 6.8 MEDIUM |
| VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands. | |||||