Vulnerability Description
The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Buffalo | Wsr-2533Dhpl2-Bk Firmware | <= 1.02 |
| Buffalo | Wsr-2533Dhpl2-Bk | - |
| Buffalo | Wsr-2533Dhp3-Bk Firmware | <= 1.24 |
| Buffalo | Wsr-2533Dhp3-Bk | - |
Related Weaknesses (CWE)
References
- https://www.tenable.com/security/research/tra-2021-13Third Party Advisory
- https://www.tenable.com/security/research/tra-2021-13Third Party Advisory
FAQ
What is CVE-2021-20092?
CVE-2021-20092 is a vulnerability with a CVSS score of 7.5 (HIGH). The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.
How severe is CVE-2021-20092?
CVE-2021-20092 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-20092?
Check the references section above for vendor advisories and patch information. Affected products include: Buffalo Wsr-2533Dhpl2-Bk Firmware, Buffalo Wsr-2533Dhpl2-Bk, Buffalo Wsr-2533Dhp3-Bk Firmware, Buffalo Wsr-2533Dhp3-Bk.