Описание
A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.
A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-20090
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-20090
- https://www.kb.cert.org/vuls/id/914124
- https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation
- https://www.tenable.com/security/research/tra-2021-13
Связанные уязвимости
A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.
Уязвимость веб-интерфейса микропрограммного обеспечения Arcadyan маршрутизаторов Buffalo, позволяющая нарушителю обойти процесс аутентификации