CVE-2023-49038
7.2HIGHCommand injection in the ping utility on Buffalo LS210D 1.78-0.03 allows a remote authenticated attacker to inject arbitrary commands onto the NAS as root.
Published: 1/29/2024Updated: 6/2/2025
Description
Command injection in the ping utility on Buffalo LS210D 1.78-0.03 allows a remote authenticated attacker to inject arbitrary commands onto the NAS as root.
AI AnalysisPowered by AI
Affected Products
buffalols210d_firmware
1.78-0.03
buffalols210d
-
References
- https://github.com/christopher-pace/CVE-2023-49038ExploitThird Party Advisory
- https://github.com/christopher-pace/CVE-2023-49038ExploitThird Party Advisory