Vulnerabilities (CVE)

Filtered by vendor Buffalotech Subscribe
Filtered by product Airstation Whr-g54s
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-4822 2 Buffalotech, Oracle 2 Airstation Whr-g54s, Database Server 2024-11-21 4.3 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html.