buffalo bhr-4grv_firmware 授权机制不正确
CVE编号
CVE-2021-3511利用情况
暂无补丁情况
N/A披露时间
2021-04-28漏洞描述
Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to obtain information such as configuration via unspecified vectors.解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| https://jvn.jp/en/vu/JVNVU99235714/index.html | |
| https://www.buffalo.jp/news/detail/20210427-01.html |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | buffalo | bhr-4grv_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | dwr-hp-g300nh_firmware | * | Up to (excluding) 1.84 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | fs-600dhp_firmware | * | Up to (excluding) 3.40 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | fs-g300n_firmware | * | Up to (excluding) 3.14 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | fs-hp-g300n_firmware | * | Up to (excluding) 3.33 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | fs-r600dhp_firmware | * | Up to (excluding) 3.40 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | hw-450hp-zwe_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | whr-300hp_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | whr-300_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | whr-g301n_firmware | * | Up to (excluding) 1.87 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | whr-hp-g300n_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | whr-hp-gn_firmware | * | Up to (excluding) 1.87 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wpl-05g300_firmware | * | Up to (excluding) 1.88 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-300hp_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-450hp-cwt_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-450hp-ub_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-450hp_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-600dhp_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-d1100h_firmware | * | Up to (excluding) 2.00 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-hp-ag300h_firmware | * | Up to (excluding) 1.76 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-hp-g300nh_firmware | * | Up to (excluding) 1.84 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-hp-g301nh_firmware | * | Up to (excluding) 1.84 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-hp-g302h_firmware | * | Up to (excluding) 1.86 | |||||
| 运行在以下环境 | |||||||||
| 系统 | buffalo | wzr-hp-g450h_firmware | * | Up to (excluding) 1.90 | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | bhr-4grv | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | dwr-hp-g300nh | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | fs-600dhp | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | fs-g300n | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | fs-hp-g300n | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | fs-r600dhp | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | hw-450hp-zwe | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | whr-300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | whr-300hp | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | whr-g301n | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | whr-hp-g300n | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | whr-hp-gn | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wpl-05g300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-300hp | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-450hp | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-450hp-cwt | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-450hp-ub | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-600dhp | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-d1100h | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-hp-ag300h | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-hp-g300nh | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-hp-g301nh | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-hp-g302h | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | buffalo | wzr-hp-g450h | - | - | |||||
- 攻击路径 相邻
- 攻击复杂度 低
- 权限要求 无
- 影响范围 未更改
- 用户交互 无
- 可用性 无
- 保密性 低
- 完整性 无
| CWE-ID | 漏洞类型 |
| CWE-863 | 授权机制不正确 |
| NVD-CWE-Other |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论