ГлавнаяУязвимости → CVE-2024-23486
9.8критическая

CVE-2024-23486

Описание

Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials.

Затрагиваемое ПО
Buffalo Wsr-2533dhp firmwareBuffalo Wsr-2533dhpBuffalo Wsr-2533dhpl firmwareBuffalo Wsr-2533dhplBuffalo Wsr-2533dhp2 firmwareBuffalo Wsr-2533dhp2Buffalo Wsr-a2533dhp2 firmwareBuffalo Wsr-a2533dhp2
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://jvn.jp/en/jp/JVN58236836/https://www.buffalo.jp/news/detail/20240410-01.htmlhttps://jvn.jp/en/jp/JVN58236836/https://www.buffalo.jp/news/detail/20240410-01.html