CVE-2025-66954

A vulnerability exists in the Buffalo Link Station version 1.85-0.01 that allows unauthenticated or guest-level users to enumerate valid usernames and their associated privilege roles. The issue is triggered by modifying a parameter within requests sent to the /nasapi endpoint...

Buffalo LinkStation 安全漏洞

The Buffalo LinkStation is a home-use and small-office NAS device from the Japanese company Buffalo. There is a security vulnerability in the Buffalo LinkStation 1.85-0.01 version. This vulnerability stems from modifying the parameters in the /nasapi endpoint requests, which may lead to unvalidat...

CVE-2025-66954

A vulnerability exists in the Buffalo Link Station version 1.85-0.01 that allows unauthenticated or guest-level users to enumerate valid usernames and their associated privilege roles. The issue is triggered by modifying a parameter within requests sent to the /nasapi endpoint...

Buffalo LinkStation Arbitrary File Read Vulnerability (Mar 2025) - Active Check

Buffalo LinkStation is prone to an arbitrary file read vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...

Buffalo LinkStation 420 Denial of Service Vulnerability

The Buffalo LinkStation 420 is a NAS network storage from Japan's Bafaello Group. A security vulnerability exists in the Buffalo LinkStation 420 that allows remote attackers to conduct denial-of-service attacks by submitting a special request to shut down the device...

[RT-SA-2015-006] Buffalo LinkStation Authentication Bypass

Advisory: Buffalo LinkStation Authentication Bypass An authentication bypass vulnerability in the web interface of a Buffalo LinkStation Duo Network Attached Storage NAS device allows unauthenticated attackers to gain administrative privileges. This puts the confidentiality and integrity of the...

Buffalo LinkStation authentication bypass

Session validity is not checked on request...

Buffalo LinkStation 1.34 / 1.69 / 1.70 Authentication Bypass

Advisory: Buffalo LinkStation Authentication Bypass An authentication bypass vulnerability in the web interface of a Buffalo LinkStation Duo Network Attached Storage NAS device allows unauthenticated attackers to gain administrative privileges. This puts the confidentiality and integrity of the...

Buffalo LinkStation Detection

The remote host is a Buffalo LinkStation device, a NAS storage device with an embedded web server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid64914; scriptversion"1.7"; scriptcvsdate"Date: 2020/01/22"; scriptnameenglish:"Buffalo LinkStation Detection";...

Buffalo LinkStation Direct Request Remote File Disclosure

The web server included with the remote Buffalo LinkStation device does not properly configure access rights, which allows an unauthenticated remote attacker to gain access to sensitive files such as the device's private RSA key. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Buffalo Linkstation Privilege Escalation / Information Disclosure Vulnerabilities

Buffalo Linkstation suffers from information disclosure and privilege escalation vulnerabilities. Product. Linkstation & Others Platform. Buffalo Technology Affected versions. Including Actual Version Severity Rating. Medium Impact. Privilege escalation, Information Disclosure Attack Vector. From...

Buffalo Linkstation Privilege Escalation / Information Disclosure

Release Date. 30-Nov-2012 Last Update. - Vendor Notification Date. 23.Dec.2011 Product. Linkstation & Others Platform. Buffalo Technology Affected versions. Including Actual Version Severity Rating. Medium Impact. Privilege escalation, Information Disclosure Attack Vector. From remote Solution...