Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

bbr-4mg_firmware

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2017-10896
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.1||MEDIUM
EPSS-0.71% / 48.84%
||
7 Day CHG~0.00%
Published-08 Dec, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-BUFFALO INC.
Product-bbr-4hgbbr-4hg_firmwarebbr-4mgbbr-4mg_firmwareBBR-4MGBBR-4HG
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2017-10897
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-4.5||MEDIUM
EPSS-0.45% / 35.72%
||
7 Day CHG~0.00%
Published-08 Dec, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors.

Action-Not Available
Vendor-BUFFALO INC.
Product-bbr-4hgbbr-4hg_firmwarebbr-4mgbbr-4mg_firmwareBBR-4MGBBR-4HG
CWE ID-CWE-20
Improper Input Validation
CVE-2011-1324
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-5.8||MEDIUM
EPSS-0.47% / 37.36%
||
7 Day CHG~0.00%
Published-09 May, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password.

Action-Not Available
Vendor-n/aBUFFALO INC.
Product-wzr-ampg300nhwhr-hp-g54_firmwarewhr-hp-g54bbr-4hg_firmwareas-100wzr-ampg144nh_firmwarewhr-hp-ampg_firmwarewzr-g144nh_firmwarewhr-hp-gwhr-gwhr-g54swhr-g_firmwarewer-a54g54_firmwarebbr-4mgwer-amg54_firmwarebhr-4rv_firmwarewzr-g144nbbr-4mg_firmwarewzr-g144n_firmwarewzr2-g300n_firmwarefs-g54_firmwarewer-amg54fs-g54wer-am54g54whr-amg54_firmwarewhr-ampg_firmwarewhr-ampgwhr-am54g54_firmwarewhr-hp-g_firmwarewer-a54g54whr-am54g54whr-amg54bhr-4rvwzr-ampg300nh_firmwarewzr-ampg144nhwer-ag54_firmwarewhr-g54s_firmwarewzr2-g300nwzr-g144nhwer-ag54whr-hp-ampgbbr-4hgwer-am54g54_firmwaren/a
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)