Unrated severityNVD Advisory· Published Dec 19, 2022· Updated Apr 17, 2025
CVE-2022-43466
CVE-2022-43466
Description
OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- BUFFALO INC./WEX-1800AX4v5Range: firmware Ver. 1.13 and earlier
- BUFFALO INC./WEX-1800AX4EAv5Range: firmware Ver. 1.13 and earlier
firmware Ver. 1.22 and earlier+ 2 more
- (no CPE)range: firmware Ver. 1.22 and earlier
- (no CPE)range: firmware Ver. 1.26 and earlier
- (no CPE)range: firmware Ver. 1.26 and earlier
firmware Ver. 1.03 and earlier+ 2 more
- (no CPE)range: firmware Ver. 1.03 and earlier
- (no CPE)range: firmware Ver. 1.05
- (no CPE)range: firmware Ver. 1.07 and earlier
- BUFFALO INC./WSR-3200AX4Bv5Range: firmware Ver. 1.25
- BUFFALO INC./WSR-3200AX4Sv5Range: firmware Ver. 1.26 and earlier
- BUFFALO INC./WSR-A2533DHP2v5Range: firmware Ver. 1.22 and earlier
- BUFFALO INC./WXR-5700AX7Bv5Range: firmware Ver. 1.27 and earlier
- BUFFALO INC./WXR-5700AX7Sv5Range: firmware Ver. 1.27 and earlier
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.