Unrated severityCISA KEVNVD Advisory· Published Apr 29, 2021· Updated Oct 21, 2025

CVE-2021-20090

Description

A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.

Affected products

Buffalo/WSR-2533DHPL2 firmwaredescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/914124mitrethird-party-advisory
www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/mitre
www.tenable.com/security/research/tra-2021-13mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.075
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000