8.8
CVE-2021-20091
- EPSS 86.76%
- Veröffentlicht 29.04.2021 15:15:10
- Zuletzt bearbeitet 21.11.2024 05:45:54
- Quelle vulnreport@tenable.com
- CVE-Watchlists
- Unerledigt
LoginThe web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Buffalo ≫ Wsr-2533dhpl2-bk Firmware Version <= 1.02
Buffalo ≫ Wsr-2533dhp3-bk Firmware Version <= 1.24
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 86.76% | 0.994 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|