CVE-2017-2152

MEDIUM

WNC01WH <1.0.0.9 - Command Injection

Title source: llm

Description

WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.

References (1)

Scores

CVSS v3 6.8
EPSS 0.0027
EPSS Percentile 49.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-78
Status published

Affected Products (2)

buffalo_inc/wnc01wh_firmware < 1.0.0.9
BUFFALO INC./WNC01WH < firmware version 1.0.0.9 and earlier

Timeline

Published Apr 28, 2017
Tracked Since Feb 18, 2026