Unrated severityNVD Advisory· Published Jun 9, 2015· Updated May 6, 2026

CVE-2014-9284

Description

The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 and earlier routers allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.

Affected products

Buffalotech/Bhr 4grv2 Firmware
cpe:2.3:h:buffalotech:bhr-4grv2_firmware:*:*:*:*:*:*:*:*
Range: <=1.04
Buffalotech/Wex 300 Firmware
cpe:2.3:h:buffalotech:wex-300_firmware:*:*:*:*:*:*:*:*
Range: <=1.60
Buffalotech/Whr 1166dhp Firmware
cpe:2.3:h:buffalotech:whr-1166dhp_firmware:*:*:*:*:*:*:*:*
Range: <=1.60
Buffalotech/Whr 300hp2 Firmware
cpe:2.3:h:buffalotech:whr-300hp2_firmware:*:*:*:*:*:*:*:*
Range: <=1.60
Buffalotech/Whr 600d Firmware
cpe:2.3:h:buffalotech:whr-600d_firmware:*:*:*:*:*:*:*:*
Range: <=1.60
Buffalotech/Wmr 300 Firmware
cpe:2.3:h:buffalotech:wmr-300_firmware:*:*:*:*:*:*:*:*
Range: <=1.60
Buffalotech/Wsr 600dhp Firmware
cpe:2.3:h:buffalotech:wsr-600dhp_firmware:*:*:*:*:*:*:*:*
Range: <=1.60

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN50447904/index.htmlnvdVendor Advisory
jvndb.jvn.jp/jvndb/JVNDB-2015-000085nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000