CVE-2023-46681

Summary

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command.

Affected Software

VendorProductVersion RangeStatus
BUFFALO INC.VR-S1000firmware Ver. 2.37 and earlieraffected

Weaknesses

  • Improper neutralization of argument delimiters in a command ('Argument Injection')

ADP Enrichment

CVE Program Container

Additional References

References