CVE-2022-39044 - Vulnerability Details

Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WLI-TX4-AG300N firmware Ver. 1.53 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WZR2-G108 firmware Ver. 1.33 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, and WZR-HP-G450H firmware Ver. 1.90 and earlier.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00142.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

BUFFALO INC.

Buffalo network devices

affected

Version	Status	Constraints
`A wide range of products is affected. For the specific products/versions information, see the URLs provided by the vendor and JVN which are listed in [Reference] section.`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:buffalo:wcr-300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wcr-300:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:buffalo:whr-hp-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-g300n:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:buffalo:whr-hp-gn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-gn:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:buffalo:wpl-05g300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wpl-05g300:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:buffalo:wzr-300hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-300hp:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:buffalo:wzr-450hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-450hp:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:buffalo:wzr-600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:buffalo:wzr-900dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-ag300h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-ag300h:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g302h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g302h:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:buffalo:wlae-ag300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wlae-ag300n:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:buffalo:fs-600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-600dhp:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:buffalo:fs-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-g300n:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:buffalo:fs-hp-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-hp-g300n:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:buffalo:fs-r600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-r600dhp:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:buffalo:bhr-4grv_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:bhr-4grv:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:buffalo:dwr-hp-g300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:dwr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:buffalo:dwr-pg_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:dwr-pg:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:buffalo:hw-450hp-zwe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:hw-450hp-zwe:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:buffalo:wer-a54g54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wer-a54g54:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:buffalo:wer-ag54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wer-ag54:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:buffalo:wer-am54g54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wer-am54g54:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:buffalo:wer-amg54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wer-amg54:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:buffalo:whr-300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-300:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:buffalo:whr-300hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-300hp:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:buffalo:whr-am54g54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-am54g54:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:buffalo:whr-amg54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-amg54:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:buffalo:whr-ampg_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-ampg:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:buffalo:whr-g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:buffalo:whr-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g300n:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:buffalo:whr-g301n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g301n:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:buffalo:whr-g54s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g54s:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:buffalo:whr-g54s-ni_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g54s-ni:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:buffalo:whr-hp-ampg_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-ampg:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:buffalo:whr-hp-g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-g:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:buffalo:whr-hp-g54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-g54:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:buffalo:wli-h4-d600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wli-h4-d600:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:buffalo:wli-tx4-ag300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wli-tx4-ag300n:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:buffalo:ws024bf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:ws024bf:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:buffalo:ws024bf-nw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:ws024bf-nw:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:buffalo:wzr2-g108_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr2-g108:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:buffalo:wzr2-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr2-g300n:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:buffalo:wzr-450hp-cwt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-450hp-cwt:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:buffalo:wzr-450hp-ub_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-450hp-ub:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:buffalo:wzr-600dhp2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:buffalo:wzr-agl300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-agl300nh:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:buffalo:wzr-ampg144nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-ampg144nh:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:buffalo:wzr-ampg300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-ampg300nh:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:buffalo:wzr-d1100h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-d1100h:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:buffalo:wzr-g144n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-g144n:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:buffalo:wzr-g144nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-g144nh:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g301nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g301nh:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g450h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g450h:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Buffalo Subscribe	Bhr-4grv Subscribe Bhr-4grv Firmware Subscribe Dwr-hp-g300nh Subscribe Dwr-hp-g300nh Firmware Subscribe Dwr-pg Subscribe Dwr-pg Firmware Subscribe Fs-600dhp Subscribe Fs-600dhp Firmware Subscribe Fs-g300n Subscribe Fs-g300n Firmware Subscribe Fs-hp-g300n Subscribe Fs-hp-g300n Firmware Subscribe Fs-r600dhp Subscribe Fs-r600dhp Firmware Subscribe Hw-450hp-zwe Subscribe Hw-450hp-zwe Firmware Subscribe Wcr-300 Subscribe Wcr-300 Firmware Subscribe Wer-a54g54 Subscribe Wer-a54g54 Firmware Subscribe Wer-ag54 Subscribe Wer-ag54 Firmware Subscribe Wer-am54g54 Subscribe Wer-am54g54 Firmware Subscribe Wer-amg54 Subscribe Wer-amg54 Firmware Subscribe Whr-300 Subscribe Whr-300 Firmware Subscribe Whr-300hp Subscribe Whr-300hp Firmware Subscribe Whr-am54g54 Subscribe Whr-am54g54 Firmware Subscribe Whr-amg54 Subscribe Whr-amg54 Firmware Subscribe Whr-ampg Subscribe Whr-ampg Firmware Subscribe Whr-g Subscribe Whr-g300n Subscribe Whr-g300n Firmware Subscribe Whr-g301n Subscribe Whr-g301n Firmware Subscribe Whr-g54s Subscribe Whr-g54s-ni Subscribe Whr-g54s-ni Firmware Subscribe Whr-g54s Firmware Subscribe Whr-g Firmware Subscribe Whr-hp-ampg Subscribe Whr-hp-ampg Firmware Subscribe Whr-hp-g Subscribe Whr-hp-g300n Subscribe Whr-hp-g300n Firmware Subscribe Whr-hp-g54 Subscribe Whr-hp-g54 Firmware Subscribe Whr-hp-g Firmware Subscribe Whr-hp-gn Subscribe Whr-hp-gn Firmware Subscribe Wlae-ag300n Subscribe Wlae-ag300n Firmware Subscribe Wli-h4-d600 Subscribe Wli-h4-d600 Firmware Subscribe Wli-tx4-ag300n Subscribe Wli-tx4-ag300n Firmware Subscribe Wpl-05g300 Subscribe Wpl-05g300 Firmware Subscribe Ws024bf Subscribe Ws024bf-nw Subscribe Ws024bf-nw Firmware Subscribe Ws024bf Firmware Subscribe Wzr-300hp Subscribe Wzr-300hp Firmware Subscribe Wzr-450hp Subscribe Wzr-450hp-cwt Subscribe Wzr-450hp-cwt Firmware Subscribe Wzr-450hp-ub Subscribe Wzr-450hp-ub Firmware Subscribe Wzr-450hp Firmware Subscribe Wzr-600dhp Subscribe Wzr-600dhp2 Subscribe Wzr-600dhp2 Firmware Subscribe Wzr-600dhp Firmware Subscribe Wzr-900dhp Subscribe Wzr-900dhp Firmware Subscribe Wzr-agl300nh Subscribe Wzr-agl300nh Firmware Subscribe Wzr-ampg144nh Subscribe Wzr-ampg144nh Firmware Subscribe Wzr-ampg300nh Subscribe Wzr-ampg300nh Firmware Subscribe Wzr-d1100h Subscribe Wzr-d1100h Firmware Subscribe Wzr-g144n Subscribe Wzr-g144n Firmware Subscribe Wzr-g144nh Subscribe Wzr-g144nh Firmware Subscribe Wzr-hp-ag300h Subscribe Wzr-hp-ag300h Firmware Subscribe Wzr-hp-g300nh Subscribe Wzr-hp-g300nh Firmware Subscribe Wzr-hp-g301nh Subscribe Wzr-hp-g301nh Firmware Subscribe Wzr-hp-g302h Subscribe Wzr-hp-g302h Firmware Subscribe Wzr-hp-g450h Subscribe Wzr-hp-g450h Firmware Subscribe Wzr2-g108 Subscribe Wzr2-g108 Firmware Subscribe Wzr2-g300n Subscribe Wzr2-g300n Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2022-41590	Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WLI-TX4-AG300N firmware Ver. 1.53 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WZR2-G108 firmware Ver. 1.33 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, and WZR-HP-G450H firmware Ver. 1.90 and earlier.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU92805279/index.html
https://www.buffalo.jp/news/detail/20221003-01.html

History

Thu, 24 Apr 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2022-12-07T00:00:00.000Z

Updated: 2025-04-23T16:07:13.452Z

Reserved: 2022-09-27T00:00:00.000Z

Link: CVE-2022-39044

Vulnrichment

Updated: 2024-08-03T11:10:32.333Z

NVD

Status : Modified

Published: 2022-12-07T10:15:11.023

Modified: 2025-04-23T16:15:22.027

Link: CVE-2022-39044

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

NVD-CWE-Other

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object