Published: 2022/12/09  Last Updated: 2022/12/09

JVNVU#97099584
Multiple vulnerabilities in Buffalo network devices

Overview

Multiple network devices provided by BUFFALO INC. contain multiple vulnerabilities.

Products Affected

CVE-2022-43466

  • WSR-3200AX4S firmware Ver. 1.26 and earlier
  • WSR-3200AX4B firmware Ver. 1.25
  • WSR-2533DHP2 firmware Ver. 1.22 and earlier
  • WSR-A2533DHP2 firmware Ver. 1.22 and earlier
  • WSR-2533DHP3 firmware Ver. 1.26 and earlier
  • WSR-A2533DHP3 firmware Ver. 1.26 and earlier
  • WSR-2533DHPL2 firmware Ver. 1.03 and earlier
  • WSR-2533DHPLS firmware Ver. 1.07 and earlier
  • WEX-1800AX4 firmware Ver. 1.13 and earlier
  • WEX-1800AX4EA firmware Ver. 1.13 and earlier

CVE-2022-43443

  • WSR-3200AX4S firmware Ver. 1.26 and earlier
  • WSR-3200AX4B firmware Ver. 1.25
  • WSR-2533DHP firmware Ver. 1.08 and earlier
  • WSR-2533DHP2 firmware Ver. 1.22 and earlier
  • WSR-A2533DHP2 firmware Ver. 1.22 and earlier
  • WSR-2533DHP3 firmware Ver. 1.26 and earlier
  • WSR-A2533DHP3 firmware Ver. 1.26 and earlier
  • WSR-2533DHPL firmware Ver. 1.08 and earlier
  • WSR-2533DHPL2 firmware Ver. 1.03 and earlier
  • WSR-2533DHPLS firmware Ver. 1.07 and earlier
  • WCR-1166DS firmware Ver. 1.34 and earlier

CVE-2022-43486

  • WSR-3200AX4S firmware Ver. 1.26 and earlier
  • WSR-3200AX4B firmware Ver. 1.25
  • WSR-2533DHP firmware Ver. 1.08 and earlier
  • WSR-2533DHP2 firmware Ver. 1.22 and earlier
  • WSR-A2533DHP2 firmware Ver. 1.22 and earlier
  • WSR-2533DHP3 firmware Ver. 1.26 and earlier
  • WSR-A2533DHP3 firmware Ver. 1.26 and earlier
  • WSR-2533DHPL firmware Ver. 1.08 and earlier
  • WSR-2533DHPL2 firmware Ver. 1.03 and earlier
  • WSR-2533DHPLS firmware Ver. 1.07 and earlier
  • WCR-1166DS firmware Ver. 1.34 and earlier
  • WEX-1800AX4 firmware Ver. 1.13 and earlier
  • WEX-1800AX4EA firmware Ver. 1.13 and earlier

Description

Multiple network devices provided by BUFFALO INC. contain multiple vulnerabilities listed below.

  • OS Command Injection (CWE-78) - CVE-2022-43466
    CVSS v3 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Base Score: 4.3
  • OS Command Injection (CWE-78) - CVE-2022-43443
    CVSS v3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Base Score: 6.3
  • Hidden Functionality (CWE-912) - CVE-2022-43486
    CVSS v3 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score: 6.8

Impact

  • An authenticated user may execute arbitrary OS commands by sending a specially crafted request and accessing a certain URL on the management console of the affected device - CVE-2022-43466
  • An unauthenticated attacker may execute arbitrary OS commands by sending a specially crafted request to the affected device - CVE-2022-43443
  • An authenticated user may enable the hidden functionality and execute arbitrary commands on the affected device - CVE-2022-43486

Solution

Update the firmware
Update firmware to the latest version according to the information provided by the developer.

Vendor Status

Vendor        Status      Last Update  Vendor Notes
BUFFALO INC.  Vulnerable  2022/12/09   BUFFALO INC. website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

CVE: CVE-2022-43466, CVE-2022-43443, CVE-2022-43486