CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-20091

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.86

EPSS Ranking 99.3%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2021-20091

Buffalo » Wsr-2533dhp3-Bk » Version: N/A

cpe:2.3:h:buffalo:wsr-2533dhp3-bk:-
Buffalo » Wsr-2533dhpl2-Bk » Version: N/A

cpe:2.3:h:buffalo:wsr-2533dhpl2-bk:-
Buffalo » Wsr-2533dhp3-Bk Firmware » Version: N/A

cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:-
Buffalo » Wsr-2533dhp3-Bk Firmware » Version: 1.24

cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:1.24
Buffalo » Wsr-2533dhpl2-Bk Firmware » Version: N/A

cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:-
Buffalo » Wsr-2533dhpl2-Bk Firmware » Version: 1.02

cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:1.02

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-20091

Products

Pricing

Contact Us