VYPR
Unrated severityNVD Advisory· Published Apr 11, 2023· Updated Feb 11, 2025

CVE-2023-24464

CVE-2023-24464

Description

Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Range: <= 1.0.10.01
  • Range: <= 1.0.10.01
  • Range: <= 1.0.10.01
  • Range: <= 1.0.10.01
  • BUFFALO INC./BS-GS seriesv5
    Range: BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.