Vulnerability Description
The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 and earlier routers allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Buffalotech | Wsr-600Dhp Firmware | <= 1.60 |
| Buffalotech | Wsr-600Dhp | - |
| Buffalotech | Whr-300Hp2 Firmware | <= 1.60 |
| Buffalotech | Whr-300Hp2 | - |
| Buffalotech | Whr-1166Dhp Firmware | <= 1.60 |
| Buffalotech | Whr-1166Dhp | - |
| Buffalotech | Bhr-4Grv2 Firmware | <= 1.04 |
| Buffalotech | Bhr-4Grv2 | - |
| Buffalotech | Wmr-300 Firmware | <= 1.60 |
| Buffalotech | Wmr-300 | - |
| Buffalotech | Wex-300 Firmware | <= 1.60 |
| Buffalotech | Wex-300 | - |
| Buffalotech | Whr-600D Firmware | <= 1.60 |
| Buffalotech | Whr-600D | - |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN50447904/index.htmlVendor Advisory
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000085Vendor Advisory
- http://jvn.jp/en/jp/JVN50447904/index.htmlVendor Advisory
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000085Vendor Advisory
FAQ
What is CVE-2014-9284?
CVE-2014-9284 is a vulnerability with a CVSS score of 7.7 (HIGH). The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 an...
How severe is CVE-2014-9284?
CVE-2014-9284 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-9284?
Check the references section above for vendor advisories and patch information. Affected products include: Buffalotech Wsr-600Dhp Firmware, Buffalotech Wsr-600Dhp, Buffalotech Whr-300Hp2 Firmware, Buffalotech Whr-300Hp2, Buffalotech Whr-1166Dhp Firmware.