The remote web server hosted on the Buffalo router is affected by a directory traversal vulnerability due to an improper access restriction. An unauthenticated, remote attacker can exploit this, by sending a URI that contains directory traversal characters, to disclose the contents of files located outside of the server’s restricted path.
Binary data buffalo_CVE-2021-20090_path_traversal.nbin