Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2024-44072

Disclosure Date: September 10, 2024
CVE-2024-44072
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management page and sends a specially crafted request to the affected product from the product’s specific management page, an arbitrary OS command may be executed.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
WHR-1166DHP2 Ver. 2.95 and earlier
WHR-1166DHP3 Ver. 2.95 and earlier
WHR-1166DHP4 Ver. 2.95 and earlier
WSR-1166DHP3 Ver. 1.18 and earlier
WSR-600DHP Ver. 2.93 and earlier
WEX-300HPTX/N Ver. 1.02 and earlier
WEX-733DHP2 Ver. 1.03 and earlier
WEX-1166DHP2 Ver. 1.05 and earlier
WEX-1166DHPS Ver. 1.05 and earlier
WEX-300HPS/N Ver. 1.02 and earlier
WEX-733DHPS Ver. 1.02 and earlier
WEX-733DHPTX Ver. 1.03 and earlier
WEX-1166DHP Ver. 1.23 and earlier
WEX-733DHP Ver. 1.64 and earlier
WHR-1166DHP Ver. 2.92 and earlier
WHR-300HP2 Ver. 2.51 and earlier
WHR-600D Ver. 2.91 and earlier
WMR-300 Ver. 2.50 and earlier
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis