659 matches found
Unfixed XSS vulnerability at www.buffaloapartments.com
Security researcher Xylitol, has submitted on 10/01/2009 a cross-site-scripting XSS vulnerability affecting www.buffaloapartments.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 29/11/2011. It is...
Unfixed XSS vulnerability at search.buffalostate.edu
Security researcher cherokee warrior, has submitted on 17/06/2008 a cross-site-scripting XSS vulnerability affecting search.buffalostate.edu, which at the time of submission ranked 50350 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/07/200...
Buffalo router configuration management interface vulnerable to remote access and password leakage
Overview Some Buffalo routers have a vulnerability that could allow remote access from the WAN side. A remote attacker could exploit this vulnerability to manipulate a router by gaining administrative privileges. By accessing the management interface, a remote attacker could also obtain user's...
TeraStation HD-HTGL series cross-site request forgery vulnerability
Overview TeraStation HD-HTGL series provided by Buffalo, Inc. are hard disks for LAN connection and have administrative web interface. The administrative interface for the TeraStation HD-HTGL contains a cross-site request forgety CSRF vulnerability. Impact If a TeraStation HD-HTGL administrator w...
Unfixed XSS vulnerability at www.buffalo-shop.de
Security researcher Fabian Fingerle, has submitted on 15/02/2008 a cross-site-scripting XSS vulnerability affecting www.buffalo-shop.de, which at the time of submission ranked 107414 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/03/2008. I...
JVN#71872818 AirStation series and BroadStation series vulnerable to cross-site request forgery
Buffalo's AirStation series and BroadStation series routers have a web administration interface that can be accessed from a web browser to configure their functional settings. The web administration interface is vulnerable to cross-site request forgery. Impact If the administrator of such a produ...
CVE-2007-4822
Cross-site request forgery CSRF vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as...
CVE-2007-4822
CVE-2007-4822 affects Buffalo AirStation WHR-G54S (v1.20). A CSRF flaw in the device management interface allows remote attackers to modify configuration via HTTP requests to cgi-bin/cgi pages (e.g., ap.html, filter_ip.html) using res and inp parameters. Impact: integrity partially affected; conf...
CVE-2007-4822
Cross-site request forgery CSRF vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as...
Buffalo AirStation WHR-G54S CSRF vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Louhi Networks Oy -= Security Advisory =- Advisory: Buffalo AirStation WHR-G54S Web Management CSRF vulnerability Release Date: 2007-09-07 Last Modified: 2007-09-07 Authors: Henri Lindberg, Associate of ISC henri d0t lindberg at louhi d0t fi...
Buffalo AirStation WHR-G54S crossite request forgery
Request forgery in administration interface...
PT-2006-5910 · Buffalo · Buffalo Terastation Hd-Htgl
Name of the Vulnerable Software and Affected Versions: Buffalo TeraStation HD-HTGL firmware versions prior to 2.05 beta 1 Description: A cross-site request forgery issue exists in the administrative interface, allowing remote attackers to modify configurations or delete arbitrary data...
JVN#55023557 Buffalo router configuration management interface vulnerable to remote access and password leakage
Impact Configurations could be changed by the remote attacker. As the save configuration stores user's account and password information of ISPs in plain-text format, a remote attacker could steal such information and impersonate a user to gain illegal access. Solution Products Affected BUFFALO...
Buffalo Wireless Router Detection (HTTP) (deprecated)
Binary data 1608.prm...
Buffalo AirStation DoS
Small packet flood causes station to hang...
buffalo AirStation G54 - (WBR-G54 ) DoS
Hellow! I found bad bug/owerflow for buffalo g54 airstions: here my simple tests: schem of tests: I used 2 broadband routers Airstation WBR-g54 first named: g54-01, second - g54-02 both broadband routers set to pear-to-pear connection mode not point- multipoint atacker...
Buffalo AP Denial of Service
Arhont Ltd. - Information Security Arhont Advisory by: Andrei Mikhailovsky www.arhont.com Advisory: Buffalo AP AP Model Name: WLA-L11G Ver.2.31 Wireless Firmware: WLI-PCM-L11G Ver.6.14 Model Specific: Other versions of Buffalo APs might be vulnerable Manufacturer site: http://www.buffalotech.com...
Buffalo access point DoS
Incomplete HTTP GET request causes device to reboot...