Search criteria
4 vulnerabilities found for wzr-ampg300nh by buffalotech
VAR-201105-0127
Vulnerability from variot - Updated: 2023-12-18 12:58Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password. Multiple routers provided by Buffalo contain a cross-site request forgery vulnerability. Multiple routers provided by Buffalo have a management screen that allows users to modify settings. These routers contain a cross-site request forgery vulnerability due to an issue in the management screen. Hirotaka Katagiri reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user views a malicious page while logged into the management screen, settings such as the login password may be altered. Successful exploits can result in privileged commands running on the affected devices, including enabling remote access to the web administration interface. This may lead to further network-based attacks. A remote attacker can exploit this vulnerability to hijack the administrator's authentication request to modify settings, such as changing the login password
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201105-0127",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wzr-g144nh",
"scope": "eq",
"trust": 1.6,
"vendor": "buffalotech",
"version": "1.47"
},
{
"model": "fs-g54",
"scope": "eq",
"trust": 1.6,
"vendor": "buffalotech",
"version": "2.07"
},
{
"model": "wzr-g144nh",
"scope": "eq",
"trust": 1.6,
"vendor": "buffalotech",
"version": "1.45"
},
{
"model": "wer-ag54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.04"
},
{
"model": "whr-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.42"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "wer-a54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.02"
},
{
"model": "wzr-ampg300nh",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "wer-a54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "wer-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-hp-g",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.46"
},
{
"model": "bhr-4rv",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "2.46"
},
{
"model": "fs-g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-g54s",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.40"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.12"
},
{
"model": "whr-hp-g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.20"
},
{
"model": "wer-a54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.13"
},
{
"model": "whr-g54s",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.38"
},
{
"model": "whr-amg54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.40"
},
{
"model": "wzr-g144n",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.46"
},
{
"model": "whr-g",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-amg54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-hp-g",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-amg54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.38"
},
{
"model": "whr-g54s",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "wzr-ampg144nh",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.48"
},
{
"model": "wer-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.13"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.11"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.30"
},
{
"model": "wzr2-g300n",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.50"
},
{
"model": "whr-g",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.46"
},
{
"model": "wer-a54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.00"
},
{
"model": "bhr-4rv",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "2.32"
},
{
"model": "wzr-g144n",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "as-100",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "wer-a54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.12"
},
{
"model": "bhr-4rv",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.40"
},
{
"model": "wzr-g144n",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.45"
},
{
"model": "wzr2-g300n",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.38"
},
{
"model": "wer-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.12"
},
{
"model": "wzr-ampg300nh",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.48"
},
{
"model": "wer-ag54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "bhr-4rv",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "2.31"
},
{
"model": "wzr-ampg144nh",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.47"
},
{
"model": "wer-amg54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.12"
},
{
"model": "wzr-g144n",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.47"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.12"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.32"
},
{
"model": "whr-ampg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.46"
},
{
"model": "whr-hp-g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.42"
},
{
"model": "wer-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.14"
},
{
"model": "whr-hp-g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.23"
},
{
"model": "wzr-g144nh",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-hp-g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "wer-amg54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.14"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.01"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.00"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.20"
},
{
"model": "whr-hp-g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.21"
},
{
"model": "whr-hp-ampg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.32"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.31"
},
{
"model": "wzr2-g300n",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.48"
},
{
"model": "wer-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.11"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.04"
},
{
"model": "wer-a54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.03"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.32"
},
{
"model": "wer-a54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.10"
},
{
"model": "wer-amg54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.11"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.30"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.11"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.33"
},
{
"model": "whr-ampg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-hp-ampg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.20"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.31"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.02"
},
{
"model": "whr-am54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.30"
},
{
"model": "bhr-4rv",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "2.48"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.04"
},
{
"model": "whr-g54s",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.42"
},
{
"model": "whr-g54s",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.23"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.33"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.10"
},
{
"model": "wer-a54g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.01"
},
{
"model": "whr-amg54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.42"
},
{
"model": "whr-g54s",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.21"
},
{
"model": "wzr-g144nh",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.48"
},
{
"model": "whr-hp-g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.40"
},
{
"model": "wer-amg54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "whr-g54s",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.20"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.03"
},
{
"model": "wer-ag54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.12"
},
{
"model": "whr-hp-g54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.38"
},
{
"model": "bbr-4mg",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.10"
},
{
"model": "wzr-ampg144nh",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "*"
},
{
"model": "bhr-4rv",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "2.33"
},
{
"model": "bhr-4rv",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "2.42"
},
{
"model": "whr-amg54",
"scope": "eq",
"trust": 1.0,
"vendor": "buffalotech",
"version": "1.31"
},
{
"model": "bbr-4hg",
"scope": "eq",
"trust": 0.8,
"vendor": "buffalo",
"version": "and other routers"
},
{
"model": "bhr-4rv",
"scope": null,
"trust": 0.6,
"vendor": "buffalotech",
"version": null
},
{
"model": "whr-g",
"scope": null,
"trust": 0.6,
"vendor": "buffalotech",
"version": null
},
{
"model": "whr-hp-g",
"scope": null,
"trust": 0.6,
"vendor": "buffalotech",
"version": null
},
{
"model": "whr-ampg",
"scope": null,
"trust": 0.6,
"vendor": "buffalotech",
"version": null
},
{
"model": "fs-g54",
"scope": null,
"trust": 0.6,
"vendor": "buffalotech",
"version": null
},
{
"model": "as-100",
"scope": null,
"trust": 0.6,
"vendor": "buffalotech",
"version": null
},
{
"model": "technology wireless broadband router wbrg54",
"scope": "eq",
"trust": 0.3,
"vendor": "buffalo",
"version": "1.11"
},
{
"model": "technology whr-g54s",
"scope": "eq",
"trust": 0.3,
"vendor": "buffalo",
"version": "1.2"
},
{
"model": "technology wireless-n nfiniti wzr-hp-g300nh",
"scope": null,
"trust": 0.3,
"vendor": "buffalo",
"version": null
},
{
"model": "technology wireless-n nfiniti whr-g300n",
"scope": null,
"trust": 0.3,
"vendor": "buffalo",
"version": null
},
{
"model": "technology wireless-n nfiniti whr-g300u",
"scope": null,
"trust": 0.3,
"vendor": "buffalo",
"version": null
},
{
"model": "technology wireless broadband router wbrg54",
"scope": "eq",
"trust": 0.3,
"vendor": "buffalo",
"version": "1.13"
},
{
"model": "technology airstation whr-g54s",
"scope": "eq",
"trust": 0.3,
"vendor": "buffalo",
"version": "1.2"
},
{
"model": "technology wireless-n nfiniti whr-hp-g300n",
"scope": null,
"trust": 0.3,
"vendor": "buffalo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "47893"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-000025"
},
{
"db": "NVD",
"id": "CVE-2011-1324"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-115"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.10:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.30:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-amg54_firmware:1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-amg54_firmware:1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-amg54_firmware:1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.01:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.32:prebeta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.33:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-g_firmware:1.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-hp-g_firmware:1.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:wer-ag54:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:wer-am54g54:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:whr-amg54:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-hp-ampg_firmware:1.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-g144nh_firmware:1.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-g144n_firmware:1.46:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-g144n_firmware:1.47:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-ag54_firmware:1.12:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.01:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-ampg_firmware:1.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.32:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-amg54_firmware:1.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-amg54_firmware:1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.20:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.11:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.30:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-ampg144nh_firmware:1.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:wzr-ampg144nh:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:wer-a54g54:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:whr-am54g54:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:whr-hp-ampg:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:bbr-4hg:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:fs-g54_firmware:2.07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:as-100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:fs-g54:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:bhr-4rv:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-g144n_firmware:1.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-g144nh_firmware:1.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-g144nh_firmware:1.47:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-ag54_firmware:1.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.11:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.33:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-amg54_firmware:1.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.33:prebeta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.10:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.04:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr2-g300n_firmware:1.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-ampg144nh_firmware:1.48:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:wer-amg54:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:wzr2-g300n:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:bbr-4mg:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:whr-g54s:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-g144nh_firmware:1.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:whr-ampg:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.12:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.12:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-ag54_firmware:1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.04:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.20:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-amg54_firmware:1.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.32:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-ampg300nh_firmware:1.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr2-g300n_firmware:1.50:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:wzr-g144n:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:wzr-ampg300nh:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:wzr-g144nh:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:whr-hp-g54:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:buffalotech:wzr-g144n_firmware:1.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:whr-hp-g:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:buffalotech:whr-g:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1324"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hirotaka Katagiri",
"sources": [
{
"db": "BID",
"id": "47893"
}
],
"trust": 0.3
},
"cve": "CVE-2011-1324",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2011-000025",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-49269",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-1324",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2011-000025",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201105-115",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-49269",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49269"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-000025"
},
{
"db": "NVD",
"id": "CVE-2011-1324"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-115"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password. Multiple routers provided by Buffalo contain a cross-site request forgery vulnerability. Multiple routers provided by Buffalo have a management screen that allows users to modify settings. These routers contain a cross-site request forgery vulnerability due to an issue in the management screen. Hirotaka Katagiri reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user views a malicious page while logged into the management screen, settings such as the login password may be altered. \nSuccessful exploits can result in privileged commands running on the affected devices, including enabling remote access to the web administration interface. This may lead to further network-based attacks. A remote attacker can exploit this vulnerability to hijack the administrator\u0027s authentication request to modify settings, such as changing the login password",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1324"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-000025"
},
{
"db": "BID",
"id": "47893"
},
{
"db": "VULHUB",
"id": "VHN-49269"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-1324",
"trust": 2.8
},
{
"db": "JVN",
"id": "JVN50505257",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-000025",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201105-115",
"trust": 0.7
},
{
"db": "JVN",
"id": "JVN#50505257",
"trust": 0.6
},
{
"db": "BID",
"id": "47893",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-49269",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49269"
},
{
"db": "BID",
"id": "47893"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-000025"
},
{
"db": "NVD",
"id": "CVE-2011-1324"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-115"
}
]
},
"id": "VAR-201105-0127",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-49269"
}
],
"trust": 0.6615079433333333
},
"last_update_date": "2023-12-18T12:58:24.406000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple routers vulnerable to cross-site request forgery",
"trust": 0.8,
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-000025"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49269"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-000025"
},
{
"db": "NVD",
"id": "CVE-2011-1324"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://jvn.jp/en/jp/jvn50505257/index.html"
},
{
"trust": 1.7,
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1324"
},
{
"trust": 0.8,
"url": "http://jvn.jp/en/jp/jvn50505257"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1324"
},
{
"trust": 0.3,
"url": "http://www.buffalotech.com/products/wireless/wireless-n-routers-access-points/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49269"
},
{
"db": "BID",
"id": "47893"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-000025"
},
{
"db": "NVD",
"id": "CVE-2011-1324"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-115"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-49269"
},
{
"db": "BID",
"id": "47893"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-000025"
},
{
"db": "NVD",
"id": "CVE-2011-1324"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-115"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-49269"
},
{
"date": "2011-05-17T00:00:00",
"db": "BID",
"id": "47893"
},
{
"date": "2011-05-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-000025"
},
{
"date": "2011-05-09T19:55:03.507000",
"db": "NVD",
"id": "CVE-2011-1324"
},
{
"date": "2011-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-115"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-05-27T00:00:00",
"db": "VULHUB",
"id": "VHN-49269"
},
{
"date": "2011-05-17T00:00:00",
"db": "BID",
"id": "47893"
},
{
"date": "2011-05-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-000025"
},
{
"date": "2011-05-27T04:00:00",
"db": "NVD",
"id": "CVE-2011-1324"
},
{
"date": "2011-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-115"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201105-115"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Buffalo routers vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-000025"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201105-115"
}
],
"trust": 0.6
}
}
FKIE_CVE-2011-1324
Vulnerability from fkie_nvd - Published: 2011-05-09 19:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "647D477D-7858-4DD2-872E-76A9FCD08D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5679E1-81E0-49DB-9F42-2D05C2984E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.04:beta:*:*:*:*:*:*",
"matchCriteriaId": "BCB68F2F-FE4A-4C77-B9C9-AE433740239C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "72A2C0F5-C5E4-421D-99F7-2BE75FF59C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.10:beta:*:*:*:*:*:*",
"matchCriteriaId": "6AB8772F-A6DD-4A7A-9B21-4D7BF46115D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.11:beta:*:*:*:*:*:*",
"matchCriteriaId": "35942805-366F-43F6-9E96-C18E0810A579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8FC665-64B9-4EC1-A34D-4CDDA1099EF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "447B081A-D022-4FC0-84BB-99BC0583E81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.20:beta:*:*:*:*:*:*",
"matchCriteriaId": "12194EF0-3432-4300-8369-90B0CEB4073B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B598F6-ED55-4C85-908D-503DB4EAC111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.30:beta:*:*:*:*:*:*",
"matchCriteriaId": "44012BB3-FF0D-47FD-AFBB-25ADA9B6017E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.31:*:*:*:*:*:*:*",
"matchCriteriaId": "C02712DD-E328-4FF6-B404-726D66DA86D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBB14E0-715B-48DE-80D7-246441939576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.32:beta:*:*:*:*:*:*",
"matchCriteriaId": "1E4B006B-410B-485D-9C36-D6AB4C1BA2DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.33:beta:*:*:*:*:*:*",
"matchCriteriaId": "4433AEEE-9B28-4F1E-9356-84D5ED930AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "198BC9CE-F4E3-4CC8-BC68-F069E3282C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.01:beta:*:*:*:*:*:*",
"matchCriteriaId": "03857B8B-C43D-4228-8970-31E2550BAC02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE39654-DEBA-416C-A732-845E770A9F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1A560B-6CAA-4EF9-BDF0-57716357BA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.04:beta:*:*:*:*:*:*",
"matchCriteriaId": "615F9DAC-C453-4760-9DEC-F6CBC81359C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1E2CC3-DA79-4140-BCA5-BB8D800DA9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.10:beta:*:*:*:*:*:*",
"matchCriteriaId": "233B463A-3F0F-4DDB-BA76-547E8004BCC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.11:beta:*:*:*:*:*:*",
"matchCriteriaId": "641A9605-D4A5-4428-85EB-174023E3D222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB907E0-5A97-42AF-BE72-B30B52DA14CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5890B6-9738-4E39-9A1A-7E9FC61FD4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.20:beta:*:*:*:*:*:*",
"matchCriteriaId": "A42B4E40-AE01-48EE-9C2A-F8A3153B2AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "6849D170-D6FC-4BF7-8BCB-E648A659DA35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.30:beta:*:*:*:*:*:*",
"matchCriteriaId": "30997DAB-D55F-4BAC-9359-DD2E2E330775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.31:*:*:*:*:*:*:*",
"matchCriteriaId": "B2208DE5-6C71-4E28-A48E-8335C73C903B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BC632DFF-BDDE-41AA-B2AC-A9171A5B20F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.32:beta:*:*:*:*:*:*",
"matchCriteriaId": "ADC8D293-3D70-4570-881D-359C68AA0CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "74CD2AD5-41C9-47DA-8828-CFF1ECE79D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.33:beta:*:*:*:*:*:*",
"matchCriteriaId": "DEC4BEC6-04C9-4167-A406-AABB80AA9C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AF12AB6B-B964-4FE7-BE37-5D941B424270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.32:prebeta:*:*:*:*:*:*",
"matchCriteriaId": "496FD5E4-6D75-48F7-AC41-5A325002782E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.33:prebeta:*:*:*:*:*:*",
"matchCriteriaId": "407DE9B5-A72E-49C0-A1D9-21F2B447D454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.42:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7E325E-416B-46DF-8B2A-673D1765E322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.46:*:*:*:*:*:*:*",
"matchCriteriaId": "81C57617-68ED-4842-842C-AC9A9394BB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.48:*:*:*:*:*:*:*",
"matchCriteriaId": "FEC1081A-FA35-49DD-9D93-C8978DD85523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:fs-g54_firmware:2.07:*:*:*:*:*:*:*",
"matchCriteriaId": "434C4E79-4EC4-4C7A-B38F-135755AAC9D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "40FDCBD7-44CC-4E52-BDDE-3D8EABC74B80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.01:beta:*:*:*:*:*:*",
"matchCriteriaId": "17B13CE9-8E95-4B46-BCC2-940F8329D3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "734C10CE-DC42-40C8-9E7E-2475A4AEB701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "8C85E35E-9ED1-4A44-8661-FC905C292A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "86A14B32-914E-46A7-9C2F-024D1F7D4709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3113AA-75DE-401A-87EB-73EC7B1FDA56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.12:beta:*:*:*:*:*:*",
"matchCriteriaId": "9A2FE89C-2D33-4ECE-8FFA-C7DB01D2E6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3B699573-9F27-4FB6-9B8B-CBE935EACE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-ag54_firmware:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "88D283C6-8011-41CE-9C21-194811378DAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-ag54_firmware:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C94834DA-2FC4-4683-ACEF-5A4CAA452B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-ag54_firmware:1.12:beta:*:*:*:*:*:*",
"matchCriteriaId": "1BC99770-84D8-445E-AC29-A838FD5CEB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D8211BB2-3590-43BC-9DA9-65290EEEE5FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "17303520-DC29-4F25-9566-1E01D0D0A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.12:beta:*:*:*:*:*:*",
"matchCriteriaId": "B2619A4A-29E6-4C4A-B166-59BC34C3A4B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "96DD1C36-E5D9-4F73-BC2E-1D39454590B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A4953CB8-844F-45BE-9E06-278CC8A9F8FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-amg54_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D75C3ED7-84B2-4AEC-B5F7-F516D0AE5C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-amg54_firmware:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D5F769-D56B-4EAB-B587-3E068D293850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wer-amg54_firmware:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8B7BD7C3-F954-49F4-883B-BFEE708D557E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "7D89D626-7E88-40B7-A0E7-4203A1F02707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.38:*:*:*:*:*:*:*",
"matchCriteriaId": "EC76621E-A848-41B0-846E-9B74B06EBCF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.40:*:*:*:*:*:*:*",
"matchCriteriaId": "346498AF-D57B-485C-B961-F736C9A3E2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.42:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4F02E9-CE85-4504-850F-0B76B6C7ECC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-amg54_firmware:1.31:*:*:*:*:*:*:*",
"matchCriteriaId": "B37F2AA8-AC5D-49D3-B386-7C40FA04C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-amg54_firmware:1.38:*:*:*:*:*:*:*",
"matchCriteriaId": "3E19983F-A714-451F-9FB4-09BB85442961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-amg54_firmware:1.40:*:*:*:*:*:*:*",
"matchCriteriaId": "351A3501-E637-4B8D-B10B-9FEF2BDEE349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-amg54_firmware:1.42:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD911F3-5660-4FF3-AC96-9119E30EFA3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-ampg_firmware:1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7D1850-E4DA-43FA-B21D-E77922CE2940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-g_firmware:1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "52C1F391-6E05-406C-B771-B377E669B394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "33224A42-849E-4A0C-BAA9-CA90D5CB910D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C8511E-33E1-4879-B7C7-6EA8AA1FF733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "B984D4DA-1A40-46FB-AE80-31D22E789D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.38:*:*:*:*:*:*:*",
"matchCriteriaId": "0A490DDF-A3C9-4B24-8E86-E80EC07556E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.40:*:*:*:*:*:*:*",
"matchCriteriaId": "89B20789-BF24-401F-ABF2-2D36B2678BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-g54s_firmware:1.42:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6857EF-CF12-4436-90EC-D98F0A6206C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-hp-ampg_firmware:1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "A8394C7A-FCF0-421F-8F0F-FEC41606B7D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-hp-g_firmware:1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "5297F37E-4FEF-4637-B742-5A68FB807B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "51C86D19-2BEF-49D8-9112-AF77C24E5634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D4FD5667-9FA9-4BF5-A91D-AF914CCCA941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "10E2F63B-AD4D-49F9-897D-F8B92A7BD50F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.38:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF875DE-04D5-458C-A5A6-6D729C20B0FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.40:*:*:*:*:*:*:*",
"matchCriteriaId": "3D4B5C19-97BE-4DEF-86FF-0514D0CB1CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.42:*:*:*:*:*:*:*",
"matchCriteriaId": "C5479842-B556-49AB-9133-3ABB1E0AC0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-ampg144nh_firmware:1.47:*:*:*:*:*:*:*",
"matchCriteriaId": "11E8CFE2-4DCB-42A2-9ADF-B980B3DB6467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-ampg144nh_firmware:1.48:beta:*:*:*:*:*:*",
"matchCriteriaId": "4D9C7258-672D-46AC-970A-CAC50E225DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-ampg300nh_firmware:1.48:*:*:*:*:*:*:*",
"matchCriteriaId": "24E1DE14-D26B-4E83-9B32-C3EBFBF5D459",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-g144n_firmware:1.45:*:*:*:*:*:*:*",
"matchCriteriaId": "B3757E3B-B749-4058-B4DC-F6AEFEBB9081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-g144n_firmware:1.46:beta:*:*:*:*:*:*",
"matchCriteriaId": "5281E335-4E03-439C-A89B-E9F126D3BDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-g144n_firmware:1.47:*:*:*:*:*:*:*",
"matchCriteriaId": "40BEAA53-A26C-4E23-8058-3BF376366FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-g144n_firmware:1.47:beta:*:*:*:*:*:*",
"matchCriteriaId": "538F2CC1-E337-47D9-846D-B4C51C2B1C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-g144nh_firmware:1.45:*:*:*:*:*:*:*",
"matchCriteriaId": "02108C83-C6E0-4620-8085-FD4EB7E52E4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-g144nh_firmware:1.47:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0E319B-241E-4B9E-8AFC-E050B65F808E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-g144nh_firmware:1.47:beta:*:*:*:*:*:*",
"matchCriteriaId": "74549536-D671-4CA3-A090-869BE136E62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr-g144nh_firmware:1.48:*:*:*:*:*:*:*",
"matchCriteriaId": "6343A3F0-E749-4AFB-8D4F-D5A80930010C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr2-g300n_firmware:1.48:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBD114-AE1B-4413-B3B4-E238721418A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:buffalotech:wzr2-g300n_firmware:1.50:beta:*:*:*:*:*:*",
"matchCriteriaId": "DC84BA91-3215-4B62-BF09-8D4E5C966867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:as-100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B26A678B-A3CF-43DD-BA03-A5A3ED7FACBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:bbr-4hg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31287FFB-C8E9-4B58-904B-38324C6E6D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:bbr-4mg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15AC14CD-77BD-4F0B-B06D-D3006BD72EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:bhr-4rv:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7DFB8C7-3E66-475B-8361-86141EC6A355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:fs-g54:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F81801C-4F32-426C-9624-9BBFCA73D65F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:wer-a54g54:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFCA340-FF4F-4900-9D6E-890D90F980EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:wer-ag54:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B63D21-82F2-49A7-8D48-98320157BF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:wer-am54g54:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDE90A1-B9F5-4536-B665-65DB5C3F578D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:wer-amg54:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6495B013-8379-4E4E-BC2B-4C5666326D08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:whr-am54g54:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6524837A-065A-4908-B12B-167092E9BA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:whr-amg54:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A4B00C-36C8-4359-ADAE-052154094D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:whr-ampg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4146B285-E9BD-4B32-B60C-273717876D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:whr-g:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68C930E7-51C6-49A0-9064-B47C4454E9C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:whr-g54s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0886A676-65BE-4D2E-81B9-0749674D4EE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:whr-hp-ampg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82B8B5BF-B38E-4314-8BFE-86CF9F24F271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:whr-hp-g:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00798A1A-CD00-4DCE-AB19-DA9FC403ACA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:whr-hp-g54:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C3B2AC-DE14-4C91-9B26-8A4D8AFE795E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:wzr-ampg144nh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC05429F-860D-48E6-BE25-455EE07526AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:wzr-ampg300nh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5194AA8B-F68E-45D9-AEA1-F4265B9A892F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:wzr-g144n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10996A6A-F2A4-4C21-9DB9-475A57AAC487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:wzr-g144nh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50839C21-9116-49E3-8817-AB29A0FF2202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:buffalotech:wzr2-g300n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "619025B8-3880-4763-BD10-4CD89AF43618",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en las Pantallas de gesti\u00f3n de las series WHR, WZR2, WZR, WER, y BBR de routers Buffalo con firmware v1.x; routers BHR-4RV y FS-G54 con firmware 2.x; y routers AS-100, permite a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores para peticiones que modifican la configuraci\u00f3n como se demuestra con el cambio de la contrase\u00f1a login.\r\n"
}
],
"id": "CVE-2011-1324",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-05-09T19:55:03.507",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN50505257/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN50505257/index.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2011-1324 (GCVE-0-2011-1324)
Vulnerability from cvelistv5 – Published: 2011-05-09 19:00 – Updated: 2024-09-17 03:22
VLAI?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:21:34.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#50505257",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN50505257/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-05-09T19:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#50505257",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN50505257/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-1324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#50505257",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN50505257/index.html"
},
{
"name": "http://buffalo.jp/support_s/20080808/csrf.html",
"refsource": "CONFIRM",
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2011-1324",
"datePublished": "2011-05-09T19:00:00Z",
"dateReserved": "2011-03-09T00:00:00Z",
"dateUpdated": "2024-09-17T03:22:31.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1324 (GCVE-0-2011-1324)
Vulnerability from nvd – Published: 2011-05-09 19:00 – Updated: 2024-09-17 03:22
VLAI?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:21:34.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#50505257",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN50505257/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-05-09T19:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#50505257",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN50505257/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-1324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#50505257",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN50505257/index.html"
},
{
"name": "http://buffalo.jp/support_s/20080808/csrf.html",
"refsource": "CONFIRM",
"url": "http://buffalo.jp/support_s/20080808/csrf.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2011-1324",
"datePublished": "2011-05-09T19:00:00Z",
"dateReserved": "2011-03-09T00:00:00Z",
"dateUpdated": "2024-09-17T03:22:31.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}