VYPR
Unrated severityNVD Advisory· Published Sep 11, 2007· Updated Jun 16, 2026

CVE-2007-4822

CVE-2007-4822

Description

Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html.

Affected products

2
  • cpe:2.3:h:buffalotech:airstation_whr-g54s:1.20:firmware:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:buffalotech:airstation_whr-g54s:1.20:firmware:*:*:*:*:*:*
    • (no CPE)range: = 1.20

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.