CVE-2023-46681 Information

Description

Improper neutralization of argument delimiters in a command (‘Argument Injection’) vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product’s command line interface to execute an arbitrary command.

Reference

https://www.buffalo.jp/news/detail/20231225-01.html https://jvn.jp/en/jp/JVN23771490/