CVE-2014-9284
https://notcve.org/view.php?id=CVE-2014-9284
The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 and earlier routers allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. Los routers Buffalo WHR-1166DHP 1.60 y anteriores, WSR-600DHP 1.60 y anteriores, WHR-600D 1.60 y anteriores, WHR-300HP2 1.60 y anteriores, WMR-300 1.60 y anteriores, WEX-300 1.60 y anteriores, y BHR-4GRV2 1.04 y anteriores permiten a usuarios remotos autenticados ejecutar comandos OS arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN50447904/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000085 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •