Lucene search

K
cve[email protected]CVE-2021-3511
HistoryApr 28, 2021 - 1:15 a.m.

CVE-2021-3511

2021-04-2801:15:17
web.nvd.nist.gov
56
3
cve-2021-3511
buffalo
broadband routers
sensitive information
vulnerability
nvd
unauthorized access

4.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.5 Medium

AI Score

Confidence

High

3.3 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

42.0%

Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to obtain information such as configuration via unspecified vectors.

Affected configurations

Vulners
NVD
Node
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.83
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.86
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.86
OR
buffalots5600d1206Match1.87
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.75
OR
buffalots5600d1206Match1.83
OR
buffalots5600d1206Match1.83
OR
buffalots5600d1206Match1.85
OR
buffalots5600d1206Match1.89
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match1.99
OR
buffalots5600d1206Match3.32
OR
buffalots5600d1206Match3.38
OR
buffalots5600d1206Match3.39
OR
buffalots5600d1206Match3.13
VendorProductVersionCPE
buffalots5600d12061.99cpe:2.3:h:buffalo:ts5600d1206:1.99:*:*:*:*:*:*:*
buffalots5600d12061.83cpe:2.3:h:buffalo:ts5600d1206:1.83:*:*:*:*:*:*:*
buffalots5600d12061.99cpe:2.3:h:buffalo:ts5600d1206:1.99:*:*:*:*:*:*:*
buffalots5600d12061.99cpe:2.3:h:buffalo:ts5600d1206:1.99:*:*:*:*:*:*:*
buffalots5600d12061.99cpe:2.3:h:buffalo:ts5600d1206:1.99:*:*:*:*:*:*:*
buffalots5600d12061.86cpe:2.3:h:buffalo:ts5600d1206:1.86:*:*:*:*:*:*:*
buffalots5600d12061.99cpe:2.3:h:buffalo:ts5600d1206:1.99:*:*:*:*:*:*:*
buffalots5600d12061.86cpe:2.3:h:buffalo:ts5600d1206:1.86:*:*:*:*:*:*:*
buffalots5600d12061.87cpe:2.3:h:buffalo:ts5600d1206:1.87:*:*:*:*:*:*:*
buffalots5600d12061.99cpe:2.3:h:buffalo:ts5600d1206:1.99:*:*:*:*:*:*:*
Rows per page:
1-10 of 241

CNA Affected

[
  {
    "product": "Buffalo broadband routers",
    "vendor": "BUFFALO INC.",
    "versions": [
      {
        "status": "affected",
        "version": "BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior"
      }
    ]
  }
]

Social References

More

4.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.5 Medium

AI Score

Confidence

High

3.3 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

42.0%

Related for CVE-2021-3511