Hardcoded credentials

2023-04-1109:15:00

PRIOn knowledge base

www.prio-n.com

hard-coded credentials

vulnerability

buffalo network devices

debug function

affected products

nvd

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON

Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier

CPENameOperatorVersion
bs-gs2008_firmwarele1.0.10.01
bs-gs2008p_firmwarele1.0.10.01
bs-gs2016_firmwarele1.0.10.01
bs-gs2016hp_firmwarelt1.1.7.01
bs-gs2016p_firmwarele1.0.10.01
bs-gs2016p_firmwarelt1.1.7.01
bs-gs2024_firmwarele1.0.10.01
bs-gs2024hp_firmwarelt1.1.7.01
bs-gs2024p_firmwarele1.0.10.01
bs-gs2024p_firmwarelt1.1.7.01

Name	Operator	Version
bs-gs2008_firmware	le	1.0.10.01
bs-gs2008p_firmware	le	1.0.10.01
bs-gs2016_firmware	le	1.0.10.01
bs-gs2016hp_firmware	lt	1.1.7.01
bs-gs2016p_firmware	le	1.0.10.01
bs-gs2016p_firmware	lt	1.1.7.01
bs-gs2024_firmware	le	1.0.10.01
bs-gs2024hp_firmware	lt	1.1.7.01
bs-gs2024p_firmware	le	1.0.10.01
bs-gs2024p_firmware	lt	1.1.7.01