CVE-2021-3512

Improper access control vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to bypass access restriction and to start telnet service and execute arbitrary OS commands with root privileges via unspecified vectors.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:buffalo:bhr-4grv_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:bhr-4grv:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:buffalo:dwr-hp-g300nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:dwr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:buffalo:hw-450hp-zwe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:hw-450hp-zwe:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:buffalo:whr-300hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-300hp:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:buffalo:whr-300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-300:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:buffalo:whr-g301n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-g301n:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:buffalo:whr-hp-g300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-hp-g300n:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:buffalo:whr-hp-gn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:whr-hp-gn:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:buffalo:wpl-05g300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wpl-05g300:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:buffalo:wzr-450hp-cwt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-450hp-cwt:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:buffalo:wzr-450hp-ub_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-450hp-ub:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-ag300h_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-ag300h:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-g300nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-g301nh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-g301nh:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-g302h_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-g302h:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:buffalo:wzr-hp-g450h_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-hp-g450h:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:buffalo:wzr-300hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-300hp:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:buffalo:wzr-450hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-450hp:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:buffalo:wzr-600dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:buffalo:wzr-d1100h_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-d1100h:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:buffalo:fs-hp-g300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-hp-g300n:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:buffalo:fs-600dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-600dhp:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:buffalo:fs-r600dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-r600dhp:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:buffalo:fs-g300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-g300n:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:21

Type Values Removed Values Added
References () https://jvn.jp/en/vu/JVNVU99235714/index.html - Third Party Advisory () https://jvn.jp/en/vu/JVNVU99235714/index.html - Third Party Advisory
References () https://www.buffalo.jp/news/detail/20210427-01.html - Vendor Advisory () https://www.buffalo.jp/news/detail/20210427-01.html - Vendor Advisory

Information

Published : 2021-04-28 01:15

Updated : 2024-11-21 06:21


NVD link : CVE-2021-3512

Mitre link : CVE-2021-3512

CVE.ORG link : CVE-2021-3512


JSON object : View

Products Affected

buffalo

  • wzr-d1100h_firmware
  • wzr-300hp
  • fs-r600dhp
  • fs-g300n
  • wzr-450hp-cwt_firmware
  • fs-600dhp
  • wzr-hp-ag300h_firmware
  • dwr-hp-g300nh
  • whr-hp-gn_firmware
  • wzr-hp-g300nh_firmware
  • wzr-hp-g450h_firmware
  • wzr-450hp-ub
  • fs-hp-g300n_firmware
  • whr-hp-gn
  • wzr-hp-g301nh_firmware
  • whr-hp-g300n_firmware
  • wzr-hp-ag300h
  • wzr-hp-g300nh
  • wzr-600dhp
  • fs-g300n_firmware
  • fs-600dhp_firmware
  • whr-300
  • wzr-600dhp_firmware
  • bhr-4grv
  • whr-g301n
  • wpl-05g300
  • whr-300hp
  • wzr-450hp-ub_firmware
  • wzr-hp-g450h
  • whr-g301n_firmware
  • wpl-05g300_firmware
  • fs-hp-g300n
  • wzr-hp-g301nh
  • wzr-hp-g302h
  • wzr-450hp
  • wzr-300hp_firmware
  • whr-300_firmware
  • hw-450hp-zwe
  • wzr-d1100h
  • fs-r600dhp_firmware
  • wzr-hp-g302h_firmware
  • bhr-4grv_firmware
  • whr-300hp_firmware
  • hw-450hp-zwe_firmware
  • wzr-450hp-cwt
  • wzr-450hp_firmware
  • dwr-hp-g300nh_firmware
  • whr-hp-g300n