Unrated severityNVD Advisory· Published Apr 11, 2023· Updated Feb 11, 2025
CVE-2023-24464
CVE-2023-24464
Description
Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Range: <= 1.0.10.01
- Range: <= 1.0.10.01
- Range: <= 1.0.10.01
- Range: <= 1.0.10.01
- BUFFALO INC./BS-GS seriesv5Range: BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.