CVE-2024-23486

Summary

Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials.

Affected Software

VendorProductVersion RangeStatus
BUFFALO INC.WSR-2533DHPfirmware Ver. 1.06 and earlieraffected
BUFFALO INC.WSR-2533DHPLfirmware Ver. 1.06 and earlieraffected
BUFFALO INC.WSR-2533DHP2firmware Ver. 1.10 and earlieraffected
BUFFALO INC.WSR-A2533DHP2firmware Ver. 1.10 and earlieraffected

Weaknesses

  • Plaintext Storage of a Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

CVE Program Container

Additional References

References