Details of VAR-202212-0948

ID

VAR-202212-0948

CVE

CVE-2022-43486

TITLE

Multiple vulnerabilities in Buffalo network equipment

Trust: 0.8

sources: JVNDB: JVNDB-2022-002775

DESCRIPTION

Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices. Multiple network devices provided by BUFFALO CORPORATION contain the following vulnerabilities. * OS Command injection (CWE-78) - CVE-2022-43466 It was * OS Command injection (CWE-78) - CVE-2022-43443 It was * Issue with enabling undocumented debugging features (CWE-912) - CVE-2022-43486 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party who can log into the management screen of the device may CGI When a specially crafted request is sent to a program, arbitrary commands are executed when a specific management screen is opened. - CVE-2022-43466 It was * Arbitrary commands are executed when a specially crafted request is sent to the management screen by a third party who has access to the device. - CVE-2022-43443 It was * A third party who can log in to the management screen of the device illegally activates the debugging function and executes arbitrary commands. - CVE-2022-43486. 1.26 and previous versions, WSR-3200AX4B firmware Ver. 1.25, WSR-2533DHP firmware Ver. 1.08 and previous versions, WSR-2533DHP2 firmware Ver. 1.22 and previous versions, WSR-A2533DHP2 firmware Ver. 1.22 and previous versions, WSR-2533DHP3 firmware Ver. 1.26 and previous versions, WSR-A2533DHP3 firmware Ver. 1.26 and previous versions, WSR-2533DHPL firmware Ver. 1.08 and previous versions, WSR-2533DHPL2 firmware Ver. 1.03 and previous versions, WSR-2533DHPLS firmware Ver. 1.07 and previous versions, WCR-1166DS firmware Ver. 1.34 and previous versions, WEX-1800AX4 firmware Ver. 1.13 and previous versions, and WEX-1800AX4EA firmware Ver

Trust: 1.71

sources: NVD: CVE-2022-43486 // JVNDB: JVNDB-2022-002775 // VULMON: CVE-2022-43486

AFFECTED PRODUCTS

vendor:	buffalo	model:	wsr-3200ax4s	scope:	lte	version:	1.26	Trust: 1.0
vendor:	buffalo	model:	wsr-2533dhpl	scope:	lte	version:	1.08	Trust: 1.0
vendor:	buffalo	model:	wsr-2533dhp	scope:	lte	version:	1.08	Trust: 1.0
vendor:	buffalo	model:	wcr-1166ds	scope:	lte	version:	1.34	Trust: 1.0
vendor:	buffalo	model:	wsr-3200ax4b	scope:	eq	version:	1.25	Trust: 1.0
vendor:	buffalo	model:	wsr-a2533dhp2	scope:	lte	version:	1.22	Trust: 1.0
vendor:	buffalo	model:	wsr-2533dhpls	scope:	lte	version:	1.07	Trust: 1.0
vendor:	buffalo	model:	wex-1800ax4	scope:	lte	version:	1.13	Trust: 1.0
vendor:	buffalo	model:	wsr-2533dhpl2	scope:	lte	version:	1.03	Trust: 1.0
vendor:	buffalo	model:	wsr-2533dhp2	scope:	lte	version:	1.22	Trust: 1.0
vendor:	buffalo	model:	wex-1800ax4ea	scope:	lte	version:	1.13	Trust: 1.0
vendor:	buffalo	model:	wsr-2533dhp3	scope:	lte	version:	1.26	Trust: 1.0
vendor:	buffalo	model:	wsr-a2533dhp3	scope:	lte	version:	1.26	Trust: 1.0
vendor:	バッファロー	model:	wsr-2533dhpl2	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-2533dhplb	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-2533dhpl	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wxr-5700ax7b	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-a2533dhp2	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-2533dhpls	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-3200ax4b	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wcr-1166ds	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wex-1800ax4ea	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-2533dhp3	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-2533dhp	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wex-1800ax4	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wxr-5700ax7s	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-3200ax4s	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-a2533dhp3	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-1166dhp2	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wxr-11000xe12	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-2533dhp2	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-002775 // NVD: CVE-2022-43486

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-43486
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2022-002775
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202212-2828
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-43486
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2022-002775
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-002775 // CNNVD: CNNVD-202212-2828 // NVD: CVE-2022-43486

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	OS Command injection (CWE-78) [ others ]	Trust: 0.8
problemtype:	Unpublished features (CWE-912) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-002775 // NVD: CVE-2022-43486

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202212-2828

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202212-2828

PATCH

title:	Buffalo Co., Ltd. announcement page	url:	https://www.buffalo.jp/news/detail/20221205-01.html	Trust: 0.8
title:	Buffalo network devices Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=218326	Trust: 0.6

sources: JVNDB: JVNDB-2022-002775 // CNNVD: CNNVD-202212-2828

EXTERNAL IDS

db:	JVN	id:	JVNVU97099584	Trust: 2.5
db:	NVD	id:	CVE-2022-43486	Trust: 2.5
db:	JVNDB	id:	JVNDB-2022-002775	Trust: 1.4
db:	CNNVD	id:	CNNVD-202212-2828	Trust: 0.6
db:	VULMON	id:	CVE-2022-43486	Trust: 0.1

sources: VULMON: CVE-2022-43486 // JVNDB: JVNDB-2022-002775 // CNNVD: CNNVD-202212-2828 // NVD: CVE-2022-43486

REFERENCES

url:	https://jvn.jp/en/vu/jvnvu97099584/	Trust: 1.0
url:	https://www.buffalo.jp/news/detail/20240131-01.html	Trust: 1.0
url:	http://jvn.jp/vu/jvnvu97099584/index.html	Trust: 0.8
url:	https://jvn.jp/en/vu/jvnvu97099584/index.html	Trust: 0.7
url:	https://www.buffalo.jp/news/detail/20221205-01.html	Trust: 0.7
url:	https://cxsecurity.com/cveshow/cve-2022-43486/	Trust: 0.6
url:	https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-002775.html	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2022-43486 // JVNDB: JVNDB-2022-002775 // CNNVD: CNNVD-202212-2828 // NVD: CVE-2022-43486

SOURCES

db:	VULMON	id:	CVE-2022-43486
db:	JVNDB	id:	JVNDB-2022-002775
db:	CNNVD	id:	CNNVD-202212-2828
db:	NVD	id:	CVE-2022-43486

LAST UPDATE DATE

2024-08-14T15:16:20.591000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2022-43486	date:	2022-12-19T00:00:00
db:	JVNDB	id:	JVNDB-2022-002775	date:	2024-02-14T06:39:00
db:	CNNVD	id:	CNNVD-202212-2828	date:	2022-12-28T00:00:00
db:	NVD	id:	CVE-2022-43486	date:	2024-02-14T07:15:09.107

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2022-43486	date:	2022-12-19T00:00:00
db:	JVNDB	id:	JVNDB-2022-002775	date:	2022-12-12T00:00:00
db:	CNNVD	id:	CNNVD-202212-2828	date:	2022-12-09T00:00:00
db:	NVD	id:	CVE-2022-43486	date:	2022-12-19T03:15:10.633