CRITICAL🇵🇱 Wersja polska

CVE-2024-23486

CVSS 9.8v3.1pub. 2024-04-15upd. 2025-06-30

Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials.

🤖 AI Analysis
How it works

The vulnerability (CWE-256) consists in the fact that the router firmware stores access passwords in plaintext, without encryption or proper security. An attacker located in a network adjacent to the device and having access to the login page can read these credentials without needing to possess any privileges or interaction from the user.

Impact

An attacker can gain access to configured login credentials, which in practice means the possibility of taking full administrative control over the router and potential access to the local network.

Mitigation & patch

Apply patches available from the manufacturer according to the references (https://www.buffalo.jp/news/detail/20240410-01.html). It is also recommended to restrict access to the device management interface only to trusted hosts and avoid exposing the administrative panel to external network interfaces.

Who is affected

Buffalo WSR-2533DHP, WSR-2533DHP-L and WSR-2533DHP2 routers (firmware indicated in the manufacturer's references).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Buffalo Wsr 2533dhp

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 2533dhp2

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 2533dhp2 Firmware

    OS
    Buffalo
    < 1.11
  • Buffalo Wsr 2533dhp Firmware

    OS
    Buffalo
    < 1.07
  • Buffalo Wsr 2533dhpl

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr 2533dhpl Firmware

    OS
    Buffalo
    < 1.07
  • Buffalo Wsr A2533dhp2

    HW
    Buffalo
    wszystkie wersje
  • Buffalo Wsr A2533dhp2 Firmware

    OS
    Buffalo
    < 1.11
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2022-43443HIGH8.8ten sam produkt

OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute a...

CVE-2024-26023MEDIUM4.2ten sam produkt

OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrar...

CVE-2022-43466MEDIUM6.8ten sam produkt

OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an admin...

CVE-2022-43486MEDIUM6.8ten sam produkt

Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an admin...

CVE-2021-20090CRITICAL9.8⚠ KEVten sam vendor

A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR...