VYPR
Unrated severityNVD Advisory· Published Dec 19, 2022· Updated Apr 17, 2025

CVE-2022-43466

CVE-2022-43466

Description

OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14
  • BUFFALO INC./WEX-1800AX4v5
    Range: firmware Ver. 1.13 and earlier
  • BUFFALO INC./WEX-1800AX4EAv5
    Range: firmware Ver. 1.13 and earlier
  • Buffalotech/WSR-2533DHP3cpe-rescue3 versions
    firmware Ver. 1.22 and earlier+ 2 more
    • (no CPE)range: firmware Ver. 1.22 and earlier
    • (no CPE)range: firmware Ver. 1.26 and earlier
    • (no CPE)range: firmware Ver. 1.26 and earlier
  • Buffalotech/WSR-2533DHPL2cpe-rescue3 versions
    firmware Ver. 1.03 and earlier+ 2 more
    • (no CPE)range: firmware Ver. 1.03 and earlier
    • (no CPE)range: firmware Ver. 1.05
    • (no CPE)range: firmware Ver. 1.07 and earlier
  • BUFFALO INC./WSR-3200AX4Bv5
    Range: firmware Ver. 1.25
  • BUFFALO INC./WSR-3200AX4Sv5
    Range: firmware Ver. 1.26 and earlier
  • BUFFALO INC./WSR-A2533DHP2v5
    Range: firmware Ver. 1.22 and earlier
  • BUFFALO INC./WXR-5700AX7Bv5
    Range: firmware Ver. 1.27 and earlier
  • BUFFALO INC./WXR-5700AX7Sv5
    Range: firmware Ver. 1.27 and earlier

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.