Wxr 1900Dhp2 Firmware
CVE-2018-0521
HIGH
Severity by source
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.
AnalysisAI
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Missing Authentication for Critical Function (CWE-306), which allows attackers to access critical functionality without authentication. Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors. Affected products include: Buffalo Wxr-1900Dhp2 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Require authentication for all sensitive operations, implement defense in depth.
More in Wxr 1900Dhp2 Firmware
View allAuthentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass aut
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified v
Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary code via a
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today