HIGH🇵🇱 Wersja polska

CVE-2021-20092

CVSS 7.5v3.1pub. 2021-04-29upd. 2024-11-21

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Buffalo Wsr 2533dhp3 Bk

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 2533dhp3 Bk Firmware

    OS
    Buffalo
    ≤ 1.24
  • Buffalo Wsr 2533dhpl2 Bk

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 2533dhpl2 Bk Firmware

    OS
    Buffalo
    ≤ 1.02
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2021-20090CRITICAL9.8⚠ KEVten sam produkt

A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR...

CVE-2021-20091HIGH8.8ten sam produkt

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24...

CVE-2026-45777CRITICAL9.3PL ✓ten sam vendor

RCE poprzez command injection w Open XDMoD (wersje 9.5.0–11.0.2)

CVE-2026-45779CRITICAL9.3PL ✓ten sam vendor

SQL Injection w Open XDMoD — nieuwierzytelniony dostęp do bazy danych

CVE-2024-23486CRITICAL9.8PL ✓ten sam vendor

Buffalo WSR-2533DHP — hasło przechowywane w postaci jawnej (plaintext)