Lucene search

[email protected]NVD:CVE-2011-1324

HistoryMay 09, 2011 - 7:55 p.m.

CVE-2011-1324

2011-05-0919:55:03

CWE-352

[email protected]

web.nvd.nist.gov

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

34.3%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password.

Affected configurations

NVD

Node

buffalotechbbr-4hg_firmwareMatch1.02

buffalotechbbr-4hg_firmwareMatch1.04

buffalotechbbr-4hg_firmwareMatch1.04beta

buffalotechbbr-4hg_firmwareMatch1.10

buffalotechbbr-4hg_firmwareMatch1.10beta

buffalotechbbr-4hg_firmwareMatch1.11beta

buffalotechbbr-4hg_firmwareMatch1.12

buffalotechbbr-4hg_firmwareMatch1.20

buffalotechbbr-4hg_firmwareMatch1.20beta

buffalotechbbr-4hg_firmwareMatch1.30

buffalotechbbr-4hg_firmwareMatch1.30beta

buffalotechbbr-4hg_firmwareMatch1.31

buffalotechbbr-4hg_firmwareMatch1.32

buffalotechbbr-4hg_firmwareMatch1.32beta

buffalotechbbr-4hg_firmwareMatch1.33beta

buffalotechbbr-4mg_firmwareMatch1.00

buffalotechbbr-4mg_firmwareMatch1.01beta

buffalotechbbr-4mg_firmwareMatch1.03

buffalotechbbr-4mg_firmwareMatch1.04

buffalotechbbr-4mg_firmwareMatch1.04beta

buffalotechbbr-4mg_firmwareMatch1.10

buffalotechbbr-4mg_firmwareMatch1.10beta

buffalotechbbr-4mg_firmwareMatch1.11beta

buffalotechbbr-4mg_firmwareMatch1.12

buffalotechbbr-4mg_firmwareMatch1.20

buffalotechbbr-4mg_firmwareMatch1.20beta

buffalotechbbr-4mg_firmwareMatch1.30

buffalotechbbr-4mg_firmwareMatch1.30beta

buffalotechbbr-4mg_firmwareMatch1.31

buffalotechbbr-4mg_firmwareMatch1.32

buffalotechbbr-4mg_firmwareMatch1.32beta

buffalotechbbr-4mg_firmwareMatch1.33

buffalotechbbr-4mg_firmwareMatch1.33beta

buffalotechbhr-4rv_firmwareMatch2.31

buffalotechbhr-4rv_firmwareMatch2.32prebeta

buffalotechbhr-4rv_firmwareMatch2.33prebeta

buffalotechbhr-4rv_firmwareMatch2.42

buffalotechbhr-4rv_firmwareMatch2.46

buffalotechbhr-4rv_firmwareMatch2.48

buffalotechfs-g54_firmwareMatch2.07

buffalotechwer-a54g54_firmwareMatch1.00

buffalotechwer-a54g54_firmwareMatch1.01beta

buffalotechwer-a54g54_firmwareMatch1.02

buffalotechwer-a54g54_firmwareMatch1.03

buffalotechwer-a54g54_firmwareMatch1.10

buffalotechwer-a54g54_firmwareMatch1.12

buffalotechwer-a54g54_firmwareMatch1.12beta

buffalotechwer-a54g54_firmwareMatch1.13

buffalotechwer-ag54_firmwareMatch1.04

buffalotechwer-ag54_firmwareMatch1.12

buffalotechwer-ag54_firmwareMatch1.12beta

buffalotechwer-am54g54_firmwareMatch1.11

buffalotechwer-am54g54_firmwareMatch1.12

buffalotechwer-am54g54_firmwareMatch1.12beta

buffalotechwer-am54g54_firmwareMatch1.13

buffalotechwer-am54g54_firmwareMatch1.14

buffalotechwer-amg54_firmwareMatch1.11

buffalotechwer-amg54_firmwareMatch1.12

buffalotechwer-amg54_firmwareMatch1.14

buffalotechwhr-am54g54_firmwareMatch1.30

buffalotechwhr-am54g54_firmwareMatch1.38

buffalotechwhr-am54g54_firmwareMatch1.40

buffalotechwhr-am54g54_firmwareMatch1.42

buffalotechwhr-amg54_firmwareMatch1.31

buffalotechwhr-amg54_firmwareMatch1.38

buffalotechwhr-amg54_firmwareMatch1.40

buffalotechwhr-amg54_firmwareMatch1.42

buffalotechwhr-ampg_firmwareMatch1.46

buffalotechwhr-g_firmwareMatch1.46

buffalotechwhr-g54s_firmwareMatch1.20

buffalotechwhr-g54s_firmwareMatch1.21

buffalotechwhr-g54s_firmwareMatch1.23

buffalotechwhr-g54s_firmwareMatch1.38

buffalotechwhr-g54s_firmwareMatch1.40

buffalotechwhr-g54s_firmwareMatch1.42

buffalotechwhr-hp-ampg_firmwareMatch1.32

buffalotechwhr-hp-g_firmwareMatch1.46

buffalotechwhr-hp-g54_firmwareMatch1.20

buffalotechwhr-hp-g54_firmwareMatch1.21

buffalotechwhr-hp-g54_firmwareMatch1.23

buffalotechwhr-hp-g54_firmwareMatch1.38

buffalotechwhr-hp-g54_firmwareMatch1.40

buffalotechwhr-hp-g54_firmwareMatch1.42

buffalotechwzr-ampg144nh_firmwareMatch1.47

buffalotechwzr-ampg144nh_firmwareMatch1.48beta

buffalotechwzr-ampg300nh_firmwareMatch1.48

buffalotechwzr-g144n_firmwareMatch1.45

buffalotechwzr-g144n_firmwareMatch1.46beta

buffalotechwzr-g144n_firmwareMatch1.47

buffalotechwzr-g144n_firmwareMatch1.47beta

buffalotechwzr-g144nh_firmwareMatch1.45

buffalotechwzr-g144nh_firmwareMatch1.47

buffalotechwzr-g144nh_firmwareMatch1.47beta

buffalotechwzr-g144nh_firmwareMatch1.48

buffalotechwzr2-g300n_firmwareMatch1.48

buffalotechwzr2-g300n_firmwareMatch1.50beta

buffalotechas-100

buffalotechbbr-4hg

buffalotechbbr-4mg

buffalotechbhr-4rv

buffalotechfs-g54

buffalotechwer-a54g54

buffalotechwer-ag54

buffalotechwer-am54g54

buffalotechwer-amg54

buffalotechwhr-am54g54

buffalotechwhr-amg54

buffalotechwhr-ampg

buffalotechwhr-g

buffalotechwhr-g54s

buffalotechwhr-hp-ampg

buffalotechwhr-hp-g

buffalotechwhr-hp-g54

buffalotechwzr-ampg144nh

buffalotechwzr-ampg300nh

buffalotechwzr-g144n

buffalotechwzr-g144nh

buffalotechwzr2-g300n

References

buffalo.jp/support_s/20080808/csrf.html

jvn.jp/en/jp/JVN50505257/index.html

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

34.3%

JSON

Related for NVD:CVE-2011-1324

jvn1 cvelist1 prion1 cve1