Buffalo Wsr-2533Dhp3-Bk Firmware vulnerabilities
3 known vulnerabilities affecting buffalo/wsr-2533dhp3-bk_firmware.
Total CVEs
3
CISA KEV
1
actively exploited
Public exploits
3
Exploited in wild
3
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2021-20090P1CRITICALCVSS 9.8KEVPoC≤ 1.242021-04-29
CVE-2021-20090 [CRITICAL] CWE-22 CVE-2021-20090: A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.
A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.
nvd
CVE-2021-20091P1HIGHCVSS 8.8ExploitedPoC≤ 1.242021-04-29
CVE-2021-20091 [HIGH] CVE-2021-20091: The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware versi
The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution.
nvd
CVE-2021-20092P2HIGHCVSS 7.5ExploitedPoC≤ 1.242021-04-29
CVE-2021-20092 [HIGH] CWE-287 CVE-2021-20092: The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware versi
The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.
nvd