The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NBuffalo Wsr 2533dhp3 Bk
HWBuffalowszystkie wersjeBuffalo Wsr 2533dhp3 Bk Firmware
OSBuffalo≤ 1.24Buffalo Wsr 2533dhpl2 Bk
HWBuffalowszystkie wersjeBuffalo Wsr 2533dhpl2 Bk Firmware
OSBuffalo≤ 1.02
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
Related vulnerabilities
CVE-2021-20090CRITICAL9.8⚠ KEVten sam produkt
A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR...
CVE-2021-20091HIGH8.8ten sam produkt
The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24...
CVE-2026-45777CRITICAL9.3PL ✓ten sam vendor
RCE poprzez command injection w Open XDMoD (wersje 9.5.0–11.0.2)
CVE-2026-45779CRITICAL9.3PL ✓ten sam vendor
SQL Injection w Open XDMoD — nieuwierzytelniony dostęp do bazy danych
CVE-2024-23486CRITICAL9.8PL ✓ten sam vendor
Buffalo WSR-2533DHP — hasło przechowywane w postaci jawnej (plaintext)