CVE-2023-46711

Summary

VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user.

Affected Software

VendorProductVersion RangeStatus
BUFFALO INC.VR-S1000firmware Ver. 2.37 and earlieraffected

Weaknesses

  • Use of Hard-coded Cryptographic Key

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References