CVE-2021-20090

Beschreibung:
A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication. CWE: CWE-22

CVSS-Bewertung
CVSS 2: HIGH – 7.5 (Version: 2.0)
CVSS 3: CRITICAL – 9.8 (Version: 3.1)

Links:

NVD – CVE-2021-20090
CVE – CVE-2021-20090

Link (max. 20) Quelle Tags
https://www.tenable.com/security/research/tra-2021-13 MISC Third Party Advisory Third Party Advisory
FEDORA-2021-7e2a143808 FEDORA Patch Third Party Advisory Third Party Advisory Third Party Advisory
FEDORA-2021-a499f89369 FEDORA Patch Third Party Advisory
https://github.com/PHPFusion/PHPFusion/commit/1c2b32321cf11ed1cd3ff835f8da0d172c849ce6 MISC Patch Third Party Advisory
https://github.com/PHPFusion/PHPFusion/commit/08d6c2ea49bd06fcce32275252f5f25abe61965c MISC Patch Third Party Advisory

Quelle: NVD – CVE-2021-20090
Datum Veröffentlichung: 2021-04-29T15:15Z, Datum letzte Änderung: 2021-05-08T04:41Z