CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-20090

A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.944

EPSS Ranking 100.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

Proposed Action

Arcadyan Buffalo firmware contains a path traversal vulnerability that could allow unauthenticated, remote attackers to bypass authentication and access sensitive information. This vulnerability affects multiple routers across several different vendors.

Ransomware Campaign

Unknown

References

Products affected by CVE-2021-20090

Buffalo » Wsr-2533dhp3-Bk » Version: N/A

cpe:2.3:h:buffalo:wsr-2533dhp3-bk:-
Buffalo » Wsr-2533dhpl2-Bk » Version: N/A

cpe:2.3:h:buffalo:wsr-2533dhpl2-bk:-
Buffalo » Wsr-2533dhp3-Bk Firmware » Version: N/A

cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:-
Buffalo » Wsr-2533dhp3-Bk Firmware » Version: 1.24

cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:1.24
Buffalo » Wsr-2533dhpl2-Bk Firmware » Version: N/A

cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:-
Buffalo » Wsr-2533dhpl2-Bk Firmware » Version: 1.02

cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:1.02

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-20090

Products

Pricing

Contact Us