VYPR

WSR-2533DHPL2

by Buffalotech

CVEs (8)

  • CVE-2021-20090KEVApr 29, 2021
    risk 0.20cvss epss 1.00

    A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.

  • CVE-2021-20091Apr 29, 2021
    risk 0.07cvss epss 0.09

    The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code…

  • CVE-2021-20092Apr 29, 2021
    risk 0.06cvss epss 0.08

    The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.

  • CVE-2024-26023Apr 15, 2024
    risk 0.00cvss epss 0.01

    OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.

  • CVE-2024-23486Apr 15, 2024
    risk 0.00cvss epss 0.01

    Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials.

  • CVE-2022-43466Dec 19, 2022
    risk 0.00cvss epss 0.01

    OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program.

  • CVE-2022-43443Dec 19, 2022
    risk 0.00cvss epss 0.01

    OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page.

  • CVE-2022-43486Dec 19, 2022
    risk 0.00cvss epss 0.00

    Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices.