PT-2015-4178 · Buffalo · Whr-600D+6
Masashi Sakai
+1
·
Publicado
2015-06-09
·
Atualizado
2015-06-16
·
CVE-2014-9284
CVSS v2.0
7.7
Alta
| Vetor | AV:A/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Buffalo WHR-1166DHP versions 1.60 and earlier
Buffalo WSR-600DHP versions 1.60 and earlier
Buffalo WHR-600D versions 1.60 and earlier
Buffalo WHR-300HP2 versions 1.60 and earlier
Buffalo WMR-300 versions 1.60 and earlier
Buffalo WEX-300 versions 1.60 and earlier
Buffalo BHR-4GRV2 versions 1.04 and earlier
Description
The issue allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.
Recommendations
For Buffalo WHR-1166DHP versions 1.60 and earlier, update to a version later than 1.60.
For Buffalo WSR-600DHP versions 1.60 and earlier, update to a version later than 1.60.
For Buffalo WHR-600D versions 1.60 and earlier, update to a version later than 1.60.
For Buffalo WHR-300HP2 versions 1.60 and earlier, update to a version later than 1.60.
For Buffalo WMR-300 versions 1.60 and earlier, update to a version later than 1.60.
For Buffalo WEX-300 versions 1.60 and earlier, update to a version later than 1.60.
For Buffalo BHR-4GRV2 versions 1.04 and earlier, update to a version later than 1.04.
Correção
OS Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Bhr-4Grv2
Wex-300
Whr-1166Dhp
Whr-300Hp2
Whr-600D
Wmr-300
Wsr-600Dhp