CVE-2024-23486

CVSS 9.8 CRITICALEPSS 0.6%CWE-256

Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Productos afectados

BUFFALO INC. · WSR-2533DHP BUFFALO INC. · WSR-2533DHP2 BUFFALO INC. · WSR-2533DHPL BUFFALO INC. · WSR-A2533DHP2

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://jvn.jp/en/jp/JVN58236836/https://www.buffalo.jp/news/detail/20240410-01.html