cvelistv5 - cve-2021-20090

cve-2021-20090

Vulnerability from cvelistv5

Published

2021-04-29 00:00

Modified

2025-02-06 20:25

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
vulnreport@tenable.com	https://www.kb.cert.org/vuls/id/914124	Third Party Advisory, US Government Resource
vulnreport@tenable.com	https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/	Exploit, Third Party Advisory
vulnreport@tenable.com	https://www.tenable.com/security/research/tra-2021-13	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/914124	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/research/tra-2021-13	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	n/a	Buffalo WSR-2533DHPL2, Buffalo WSR-2533DHP3	Version: WSR-2533DHPL2 <=1.02, WSR-2533DHP3 <= 1.24

CISA Known exploited vulnerability

Data from the Known Exploited Vulnerabilities Catalog

Date added: 2021-11-03

Due date: 2021-11-17

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-20090

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:30:07.572Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/research/tra-2021-13"
          },
          {
            "name": "VU#914124",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/914124"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-20090",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-06T20:25:22.891349Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-20090"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-22",
                "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-06T20:25:29.587Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Buffalo WSR-2533DHPL2, Buffalo WSR-2533DHP3",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "WSR-2533DHPL2 \u003c=1.02, WSR-2533DHP3 \u003c= 1.24"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Path Traversal",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-18T11:29:20.400Z",
        "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "shortName": "tenable"
      },
      "references": [
        {
          "url": "https://www.tenable.com/security/research/tra-2021-13"
        },
        {
          "name": "VU#914124",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.kb.cert.org/vuls/id/914124"
        },
        {
          "url": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
    "assignerShortName": "tenable",
    "cveId": "CVE-2021-20090",
    "datePublished": "2021-04-29T00:00:00.000Z",
    "dateReserved": "2020-12-17T00:00:00.000Z",
    "dateUpdated": "2025-02-06T20:25:29.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2021-20090",
      "cwes": "[\"CWE-22\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2021-11-17",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2021-20090",
      "product": "Buffalo Firmware",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Arcadyan Buffalo firmware contains a path traversal vulnerability that could allow unauthenticated, remote attackers to bypass authentication and access sensitive information. This vulnerability affects multiple routers across several different vendors.",
      "vendorProject": "Arcadyan",
      "vulnerabilityName": "Arcadyan Buffalo Firmware Path Traversal Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-20090\",\"sourceIdentifier\":\"vulnreport@tenable.com\",\"published\":\"2021-04-29T15:15:10.630\",\"lastModified\":\"2025-02-06T21:15:16.230\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de salto de ruta en las interfaces web de Buffalo WSR-2533DHPL2 versi\u00f3n de firmware anterior a 1.02 e incluy\u00e9ndola y WSR-2533DHP3 versi\u00f3n de firmware anterior a 1.24 e incluy\u00e9ndola, podr\u00eda permitir a atacantes remotos no autenticados omitir la autenticaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2021-11-17\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Arcadyan Buffalo Firmware Path Traversal Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.02\",\"matchCriteriaId\":\"D861729C-023B-4D73-8C4C-BF7E8B0B7045\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wsr-2533dhpl2-bk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B03FA14-33E3-44D2-8165-197CB446F2D2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.24\",\"matchCriteriaId\":\"63232EC8-B2B8-4867-93DB-C0C5147E2730\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wsr-2533dhp3-bk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AA91D93-E2B9-4415-B541-1968F1F39814\"}]}]}],\"references\":[{\"url\":\"https://www.kb.cert.org/vuls/id/914124\",\"source\":\"vulnreport@tenable.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/\",\"source\":\"vulnreport@tenable.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/research/tra-2021-13\",\"source\":\"vulnreport@tenable.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/914124\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/research/tra-2021-13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.tenable.com/security/research/tra-2021-13\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/914124\", \"name\": \"VU#914124\", \"tags\": [\"third-party-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T17:30:07.572Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-20090\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-06T20:25:22.891349Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-20090\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-06T20:24:37.327Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Buffalo WSR-2533DHPL2, Buffalo WSR-2533DHP3\", \"versions\": [{\"status\": \"affected\", \"version\": \"WSR-2533DHPL2 \u003c=1.02, WSR-2533DHP3 \u003c= 1.24\"}]}], \"references\": [{\"url\": \"https://www.tenable.com/security/research/tra-2021-13\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/914124\", \"name\": \"VU#914124\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Path Traversal\"}]}], \"providerMetadata\": {\"orgId\": \"5ac1ecc2-367a-4d16-a0b2-35d495ddd0be\", \"shortName\": \"tenable\", \"dateUpdated\": \"2023-10-18T11:29:20.400Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-20090\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-06T20:25:29.587Z\", \"dateReserved\": \"2020-12-17T00:00:00.000Z\", \"assignerOrgId\": \"5ac1ecc2-367a-4d16-a0b2-35d495ddd0be\", \"datePublished\": \"2021-04-29T00:00:00.000Z\", \"assignerShortName\": \"tenable\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

gsd-2021-20090

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2021-20090

Aliases

CVE-2021-20090

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-20090",
    "description": "A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication.",
    "id": "GSD-2021-20090"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-20090"
      ],
      "details": "A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication.",
      "id": "GSD-2021-20090",
      "modified": "2023-12-13T01:23:12.563623Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2021-20090",
      "dateAdded": "2021-11-03",
      "dueDate": "2021-11-17",
      "product": "Buffalo WSR-2533DHPL2 and WSR-2533DHP3 firmware",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "A path traversal vulnerability in Arcadyan firmware could allow unauthenticated remote attackers to bypass authentication. It impacts many routers.",
      "vendorProject": "Arcadyan",
      "vulnerabilityName": "Arcadyan Buffalo Firmware Multiple Versions Path Traversal"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vulnreport@tenable.com",
        "ID": "CVE-2021-20090",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Buffalo WSR-2533DHPL2, Buffalo WSR-2533DHP3",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "WSR-2533DHPL2 \u003c=1.02, WSR-2533DHP3 \u003c= 1.24"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Path Traversal"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.tenable.com/security/research/tra-2021-13",
            "refsource": "MISC",
            "url": "https://www.tenable.com/security/research/tra-2021-13"
          },
          {
            "name": "VU#914124",
            "refsource": "CERT-VN",
            "url": "https://www.kb.cert.org/vuls/id/914124"
          },
          {
            "name": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/",
            "refsource": "MISC",
            "url": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.02",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhpl2-bk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.24",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:buffalo:wsr-2533dhp3-bk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnreport@tenable.com",
          "ID": "CVE-2021-20090"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tenable.com/security/research/tra-2021-13",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://www.tenable.com/security/research/tra-2021-13"
            },
            {
              "name": "VU#914124",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.kb.cert.org/vuls/id/914124"
            },
            {
              "name": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/",
              "refsource": "MISC",
              "tags": [],
              "url": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-10-18T01:15Z",
      "publishedDate": "2021-04-29T15:15Z"
    }
  }
}

A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication. A path traversal vulnerability exists in numerous routers manufactured by multiple vendors using Arcadyan based software. This vulnerability allows an unauthenticated user access to sensitive information and allows for the alteration of the router configuration.CVE-2021-20090 AffectedCVE-2021-20090 Affected. Arcadyan Directory traversal vulnerabilities in many routers that use software CWE-22 , CVE-2021-20090 ) Exists.A remote third party may evade authentication and view sensitive information, including valid access tokens. As a result, the router settings can be tampered with. Buffalo WSR-2533DHPL2 and WSR-2533DHP3 are routers of Japan Buffalo Company.

Buffalo WSR-2533DHPL2 and WSR-2533DHP3 have path traversal vulnerabilities. The vulnerabilities are caused by input validation errors when processing the directory traversal sequence in the web interface. Attackers can use the vulnerabilities to bypass authentication. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202104-0768",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wsr-2533dhp3-bk",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "buffalo",
        "version": "1.24"
      },
      {
        "model": "wsr-2533dhpl2-bk",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "buffalo",
        "version": "1.02"
      },
      {
        "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u8907\u6570\u306e\u30d9\u30f3\u30c0",
        "version": null
      },
      {
        "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u8907\u6570\u306e\u30d9\u30f3\u30c0",
        "version": "for more information cert/cc please check the information provided by or the information provided by the discoverer."
      },
      {
        "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u8907\u6570\u306e\u30d9\u30f3\u30c0",
        "version": "(multiple products)"
      },
      {
        "model": "wsr-2533dhpl2",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "buffalo",
        "version": "\u003c=1.02"
      },
      {
        "model": "wsr-2533dhp3",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "buffalo",
        "version": "\u003c=1.24"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20090"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "This document was written by Timur Snoke.We have not received a statement from the vendor.",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#914124"
      }
    ],
    "trust": 0.8
  },
  "cve": "CVE-2021-20090",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-20090",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.1,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-56801",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-20090",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "High",
            "baseScore": 8.1,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-002008",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-20090",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2021-002008",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-56801",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-2010",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-20090",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20090"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-2010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20090"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication. A path traversal vulnerability exists in numerous routers manufactured by multiple vendors using Arcadyan based software. This vulnerability allows an unauthenticated user access to sensitive information and allows for the alteration of the router configuration.CVE-2021-20090 AffectedCVE-2021-20090 Affected. Arcadyan Directory traversal vulnerabilities in many routers that use software CWE-22 , CVE-2021-20090 ) Exists.A remote third party may evade authentication and view sensitive information, including valid access tokens. As a result, the router settings can be tampered with. Buffalo WSR-2533DHPL2 and WSR-2533DHP3 are routers of Japan Buffalo Company. \n\r\n\r\nBuffalo WSR-2533DHPL2 and WSR-2533DHP3 have path traversal vulnerabilities. The vulnerabilities are caused by input validation errors when processing the directory traversal sequence in the web interface. Attackers can use the vulnerabilities to bypass authentication. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-20090"
      },
      {
        "db": "CERT/CC",
        "id": "VU#914124"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20090"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-20090",
        "trust": 3.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#914124",
        "trust": 3.3
      },
      {
        "db": "TENABLE",
        "id": "TRA-2021-13",
        "trust": 2.5
      },
      {
        "db": "CS-HELP",
        "id": "SB2021042705",
        "trust": 1.2
      },
      {
        "db": "JVN",
        "id": "JVNVU92877673",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-002008",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-2010",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20090",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#914124"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20090"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-2010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20090"
      }
    ]
  },
  "id": "VAR-202104-0768",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      }
    ],
    "trust": 1.4
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      }
    ]
  },
  "last_update_date": "2024-11-23T20:01:02.813000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Multiple vulnerabilities in some router products and countermeasures",
        "trust": 0.8,
        "url": "https://www.buffalo.jp/news/detail/20210727-01.html"
      },
      {
        "title": "Patch for Buffalo WSR-2533DHPL2 and WSR-2533DHP3 have path traversal vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/283451"
      },
      {
        "title": "Buffalo WSR-2533DHPL2 Repair measures for path traversal vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=149797"
      },
      {
        "title": "APT-Backpack",
        "trust": 0.1,
        "url": "https://github.com/34zY/APT-Backpack "
      },
      {
        "title": "Awesome-POC",
        "trust": 0.1,
        "url": "https://github.com/ArrestX/--POC "
      },
      {
        "title": "Normal-POC",
        "trust": 0.1,
        "url": "https://github.com/Miraitowa70/POC-Notes "
      },
      {
        "title": "Normal-POC",
        "trust": 0.1,
        "url": "https://github.com/Miraitowa70/Pentest-Notes "
      },
      {
        "title": "Awesome-POC",
        "trust": 0.1,
        "url": "https://github.com/Threekiii/Awesome-POC "
      },
      {
        "title": "Awesome-POC",
        "trust": 0.1,
        "url": "https://github.com/KayCHENvip/vulnerability-poc "
      },
      {
        "title": "Goby_POC\nPOC \u6570\u91cf1319",
        "trust": 0.1,
        "url": "https://github.com/Z0fhack/Goby_POC "
      },
      {
        "title": "Known Exploited Vulnerabilities Detector",
        "trust": 0.1,
        "url": "https://github.com/Ostorlab/KEV "
      },
      {
        "title": "Github CVE Monitor",
        "trust": 0.1,
        "url": "https://github.com/khulnasoft-lab/awesome-security "
      },
      {
        "title": "Github CVE Monitor",
        "trust": 0.1,
        "url": "https://github.com/khulnasoft-labs/awesome-security "
      },
      {
        "title": "Kenzer Templates [5170] [DEPRECATED]",
        "trust": 0.1,
        "url": "https://github.com/ARPSyndicate/kenzer-templates "
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/auth-bypass-bug-routers-exploited/168491/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20090"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-2010"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.0
      },
      {
        "problemtype": "Path traversal (CWE-22) [IPA Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20090"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://www.tenable.com/security/research/tra-2021-13"
      },
      {
        "trust": 1.7,
        "url": "https://www.kb.cert.org/vuls/id/914124"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-20090"
      },
      {
        "trust": 1.2,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021042705"
      },
      {
        "trust": 1.1,
        "url": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/"
      },
      {
        "trust": 0.8,
        "url": "cve-2021-20090  "
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu92877673/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://kb.cert.org/vuls/id/914124"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/22.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/auth-bypass-bug-routers-exploited/168491/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#914124"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20090"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-2010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20090"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#914124"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20090"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-2010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20090"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-07-20T00:00:00",
        "db": "CERT/CC",
        "id": "VU#914124"
      },
      {
        "date": "2021-07-30T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      },
      {
        "date": "2021-04-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-20090"
      },
      {
        "date": "2021-07-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "date": "2021-04-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-2010"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-04-29T15:15:10.630000",
        "db": "NVD",
        "id": "CVE-2021-20090"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-10-07T00:00:00",
        "db": "CERT/CC",
        "id": "VU#914124"
      },
      {
        "date": "2021-07-30T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-56801"
      },
      {
        "date": "2023-10-18T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-20090"
      },
      {
        "date": "2021-07-27T05:10:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-002008"
      },
      {
        "date": "2022-04-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-2010"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2024-11-21T05:45:54.457000",
        "db": "NVD",
        "id": "CVE-2021-20090"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-2010"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Arcadyan-based routers and modems vulnerable to authentication bypass",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#914124"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-2010"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2021-20090

Vulnerability from fkie_nvd

Published

2021-04-29 15:15

Modified

2025-02-06 21:15

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
vulnreport@tenable.com	https://www.kb.cert.org/vuls/id/914124	Third Party Advisory, US Government Resource
vulnreport@tenable.com	https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/	Exploit, Third Party Advisory
vulnreport@tenable.com	https://www.tenable.com/security/research/tra-2021-13	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/914124	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/research/tra-2021-13	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
buffalo	wsr-2533dhpl2-bk_firmware	*
buffalo	wsr-2533dhpl2-bk	-
buffalo	wsr-2533dhp3-bk_firmware	*
buffalo	wsr-2533dhp3-bk	-

JSON

To clipboard

{
  "cisaActionDue": "2021-11-17",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Arcadyan Buffalo Firmware Path Traversal Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D861729C-023B-4D73-8C4C-BF7E8B0B7045",
              "versionEndIncluding": "1.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:buffalo:wsr-2533dhpl2-bk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B03FA14-33E3-44D2-8165-197CB446F2D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63232EC8-B2B8-4867-93DB-C0C5147E2730",
              "versionEndIncluding": "1.24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:buffalo:wsr-2533dhp3-bk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AA91D93-E2B9-4415-B541-1968F1F39814",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de salto de ruta en las interfaces web de Buffalo WSR-2533DHPL2 versi\u00f3n de firmware anterior a 1.02 e incluy\u00e9ndola y WSR-2533DHP3 versi\u00f3n de firmware anterior a 1.24 e incluy\u00e9ndola, podr\u00eda permitir a atacantes remotos no autenticados omitir la autenticaci\u00f3n"
    }
  ],
  "id": "CVE-2021-20090",
  "lastModified": "2025-02-06T21:15:16.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2021-04-29T15:15:10.630",
  "references": [
    {
      "source": "vulnreport@tenable.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/914124"
    },
    {
      "source": "vulnreport@tenable.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/"
    },
    {
      "source": "vulnreport@tenable.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/research/tra-2021-13"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/914124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/research/tra-2021-13"
    }
  ],
  "sourceIdentifier": "vulnreport@tenable.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

ghsa-6466-44wr-c6vv

Vulnerability from github

Published

2022-05-24 17:49

Modified

2024-07-25 18:32

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-20090"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-29T15:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 could allow unauthenticated remote attackers to bypass authentication.",
  "id": "GHSA-6466-44wr-c6vv",
  "modified": "2024-07-25T18:32:34Z",
  "published": "2022-05-24T17:49:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20090"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/914124"
    },
    {
      "type": "WEB",
      "url": "https://www.secpod.com/blog/arcadyan-based-routers-and-modems-under-active-exploitation"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/research/tra-2021-13"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2021-20090

Vulnerability from cvelistv5

CISA Known exploited vulnerability

Data from the Known Exploited Vulnerabilities Catalog

gsd-2021-20090

Vulnerability from gsd

var-202104-0768

Vulnerability from variot

fkie_cve-2021-20090

Vulnerability from fkie_nvd

ghsa-6466-44wr-c6vv

Vulnerability from github

Tags

Sightings

Nomenclature