CVE-2022-39044

Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WLI-TX4-AG300N firmware Ver. 1.53 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WZR2-G108 firmware Ver. 1.33 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, and WZR-HP-G450H firmware Ver. 1.90 and earlier.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:buffalo:wcr-300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wcr-300:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:buffalo:whr-hp-g300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-hp-g300n:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:buffalo:whr-hp-gn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-hp-gn:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:buffalo:wpl-05g300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wpl-05g300:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:buffalo:wzr-300hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-300hp:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:buffalo:wzr-450hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-450hp:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:buffalo:wzr-600dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:buffalo:wzr-900dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-ag300h_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-ag300h:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-g302h_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-g302h:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:buffalo:wlae-ag300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wlae-ag300n:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:buffalo:fs-600dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-600dhp:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:buffalo:fs-g300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-g300n:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:buffalo:fs-hp-g300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-hp-g300n:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:buffalo:fs-r600dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-r600dhp:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:buffalo:bhr-4grv_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:bhr-4grv:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:buffalo:dwr-hp-g300nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:dwr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:buffalo:dwr-pg_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:dwr-pg:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:buffalo:hw-450hp-zwe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:hw-450hp-zwe:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:buffalo:wer-a54g54_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wer-a54g54:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:buffalo:wer-ag54_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wer-ag54:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:buffalo:wer-am54g54_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wer-am54g54:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:buffalo:wer-amg54_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wer-amg54:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:buffalo:whr-300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-300:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:buffalo:whr-300hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-300hp:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:buffalo:whr-am54g54_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-am54g54:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:buffalo:whr-amg54_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-amg54:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:buffalo:whr-ampg_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-ampg:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:buffalo:whr-g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-g:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:buffalo:whr-g300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-g300n:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:buffalo:whr-g301n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-g301n:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:buffalo:whr-g54s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-g54s:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:buffalo:whr-g54s-ni_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-g54s-ni:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:buffalo:whr-hp-ampg_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-hp-ampg:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:buffalo:whr-hp-g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-hp-g:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:buffalo:whr-hp-g54_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-hp-g54:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:buffalo:wli-h4-d600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wli-h4-d600:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:buffalo:wli-tx4-ag300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wli-tx4-ag300n:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:buffalo:ws024bf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:ws024bf:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:buffalo:ws024bf-nw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:ws024bf-nw:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:buffalo:wzr2-g108_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr2-g108:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:buffalo:wzr2-g300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr2-g300n:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:buffalo:wzr-450hp-cwt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-450hp-cwt:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND
cpe:2.3:o:buffalo:wzr-450hp-ub_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-450hp-ub:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND
cpe:2.3:o:buffalo:wzr-600dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*

Configuration 46 (hide)

AND
cpe:2.3:o:buffalo:wzr-agl300nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-agl300nh:-:*:*:*:*:*:*:*

Configuration 47 (hide)

AND
cpe:2.3:o:buffalo:wzr-ampg144nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-ampg144nh:-:*:*:*:*:*:*:*

Configuration 48 (hide)

AND
cpe:2.3:o:buffalo:wzr-ampg300nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-ampg300nh:-:*:*:*:*:*:*:*

Configuration 49 (hide)

AND
cpe:2.3:o:buffalo:wzr-d1100h_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-d1100h:-:*:*:*:*:*:*:*

Configuration 50 (hide)

AND
cpe:2.3:o:buffalo:wzr-g144n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-g144n:-:*:*:*:*:*:*:*

Configuration 51 (hide)

AND
cpe:2.3:o:buffalo:wzr-g144nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-g144nh:-:*:*:*:*:*:*:*

Configuration 52 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-g300nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 53 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-g301nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-g301nh:-:*:*:*:*:*:*:*

Configuration 54 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-g450h_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-g450h:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:17

Type Values Removed Values Added
References () https://jvn.jp/en/vu/JVNVU92805279/index.html - Third Party Advisory () https://jvn.jp/en/vu/JVNVU92805279/index.html - Third Party Advisory
References () https://www.buffalo.jp/news/detail/20221003-01.html - Patch, Vendor Advisory () https://www.buffalo.jp/news/detail/20221003-01.html - Patch, Vendor Advisory

Information

Published : 2022-12-07 10:15

Updated : 2024-11-21 07:17


NVD link : CVE-2022-39044

Mitre link : CVE-2022-39044

CVE.ORG link : CVE-2022-39044


JSON object : View

Products Affected

buffalo

  • wzr-ampg144nh_firmware
  • wzr-300hp
  • wzr2-g108_firmware
  • whr-hp-gn_firmware
  • ws024bf
  • whr-hp-gn
  • whr-ampg_firmware
  • whr-am54g54
  • whr-hp-ampg_firmware
  • whr-g54s-ni
  • whr-g300n_firmware
  • fs-600dhp_firmware
  • whr-ampg
  • wpl-05g300
  • bhr-4grv
  • wzr-450hp-ub_firmware
  • wzr-hp-g450h
  • whr-g301n_firmware
  • wpl-05g300_firmware
  • wcr-300
  • wzr2-g300n_firmware
  • whr-hp-g54_firmware
  • wzr-hp-g302h
  • fs-r600dhp_firmware
  • hw-450hp-zwe_firmware
  • wzr-450hp-cwt
  • fs-hp-g300n_firmware
  • wzr-450hp-cwt_firmware
  • wcr-300_firmware
  • wzr-900dhp
  • wzr-hp-g450h_firmware
  • wzr-hp-ag300h
  • wzr-agl300nh_firmware
  • dwr-pg
  • fs-g300n_firmware
  • whr-hp-g
  • wzr-g144n
  • wzr-agl300nh
  • whr-hp-ampg
  • whr-amg54
  • whr-300hp
  • wzr-g144nh
  • whr-hp-g_firmware
  • wzr-hp-g301nh
  • bhr-4grv_firmware
  • fs-r600dhp
  • fs-600dhp
  • wzr-hp-ag300h_firmware
  • wli-tx4-ag300n
  • dwr-hp-g300nh
  • wli-h4-d600_firmware
  • ws024bf-nw
  • wzr-900dhp_firmware
  • wzr2-g108
  • wzr-hp-g300nh
  • wzr-600dhp
  • wzr-600dhp_firmware
  • whr-am54g54_firmware
  • wlae-ag300n
  • whr-g54s-ni_firmware
  • whr-g
  • wlae-ag300n_firmware
  • whr-g301n
  • ws024bf-nw_firmware
  • wer-a54g54_firmware
  • wzr-600dhp2
  • wzr-ampg300nh
  • whr-g_firmware
  • wer-a54g54
  • wer-am54g54_firmware
  • wzr-g144nh_firmware
  • whr-300_firmware
  • whr-g300n
  • whr-g54s
  • hw-450hp-zwe
  • whr-hp-g54
  • wzr-d1100h
  • wzr-g144n_firmware
  • wli-tx4-ag300n_firmware
  • wzr-d1100h_firmware
  • fs-g300n
  • wli-h4-d600
  • wzr-600dhp2_firmware
  • ws024bf_firmware
  • wer-amg54
  • whr-g54s_firmware
  • wzr-hp-g300nh_firmware
  • wzr-450hp-ub
  • dwr-pg_firmware
  • wzr-hp-g301nh_firmware
  • whr-hp-g300n_firmware
  • wer-amg54_firmware
  • whr-300
  • wer-ag54_firmware
  • wzr-ampg300nh_firmware
  • wzr2-g300n
  • wzr-ampg144nh
  • wer-am54g54
  • fs-hp-g300n
  • wzr-450hp
  • wzr-300hp_firmware
  • whr-amg54_firmware
  • wzr-hp-g302h_firmware
  • whr-300hp_firmware
  • wer-ag54
  • wzr-450hp_firmware
  • dwr-hp-g300nh_firmware
  • whr-hp-g300n