CVE-2014-9284

The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 and earlier routers allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:h:buffalotech:wsr-600dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalotech:wsr-600dhp:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:h:buffalotech:whr-300hp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalotech:whr-300hp2:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:h:buffalotech:whr-1166dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalotech:whr-1166dhp:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:h:buffalotech:bhr-4grv2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalotech:bhr-4grv2:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:h:buffalotech:wmr-300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalotech:wmr-300:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:h:buffalotech:wex-300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalotech:wex-300:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:h:buffalotech:whr-600d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalotech:whr-600d:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:20

Type Values Removed Values Added
References () http://jvn.jp/en/jp/JVN50447904/index.html - Vendor Advisory () http://jvn.jp/en/jp/JVN50447904/index.html - Vendor Advisory
References () http://jvndb.jvn.jp/jvndb/JVNDB-2015-000085 - Vendor Advisory () http://jvndb.jvn.jp/jvndb/JVNDB-2015-000085 - Vendor Advisory

Information

Published : 2015-06-09 00:59

Updated : 2024-11-21 02:20


NVD link : CVE-2014-9284

Mitre link : CVE-2014-9284

CVE.ORG link : CVE-2014-9284


JSON object : View

Products Affected

buffalotech

  • whr-300hp2
  • whr-600d
  • whr-1166dhp
  • wex-300
  • whr-300hp2_firmware
  • wsr-600dhp
  • bhr-4grv2_firmware
  • bhr-4grv2
  • wmr-300_firmware
  • wex-300_firmware
  • wmr-300
  • whr-600d_firmware
  • wsr-600dhp_firmware
  • whr-1166dhp_firmware
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')