CVE-2021-20090

Description from NVD

A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.

Information Acquisition Date:2021-11-26T22:00Z
CVSS 2.0: 7.5 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

 https://www.tenable.com/security/research/tra-2021-13
     source:MISC
     tags:Third Party Advisory    
 VU#914124
     source:CERT-VN
     tags:

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:



List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...241
https://lists.astaro.com/ASGV9-IPS-rules.html#030
https://news.ycombinator.com/item?id=281063465
https://medium.com/tenable-techblog/bypassing-authenticatio...4
https://www.tenable.com/security/research/tra-2021-134
https://www.adslzone.net/noticias/seguridad/cve-2021-20090-...4
https://ift.tt/3xxyhu83
https://twitter.com/bearstech/status/14247189650000486413
https://www.nsa.gov/Press-Room/Press-Releases-Statements/Pr...3
https://threatpost.com/auth-bypass-bug-routers-exploited/16...3
https://blogs.juniper.net/en-us/security/freshly-disclosed-...3
https://thehackernews.com/2021/08/hackers-exploiting-new-au...3
https://securityaffairs.co/wordpress/120908/hacking/cve-202...3
https://www.bleepingcomputer.com/news/security/actively-exp...3
https://ipssignatures.appspot.com/?cve=CVE-2021-200903

Information from Twitter

User URL Info Source Date
autumn_good_35 https://www.nsa.gov/Press-Room/Press-Releases-Statements/Pr... Source autumn_good_35   1578319068020428801 2022/10/07
autumn_good_35 https://twitter.com/autumn_good_35/status/15783190680204288... Source autumn_good_35   1578319068020428801 2022/10/07
hrbrmstr https://viz.greynoise.io/query/?gnql=cve%3ACVE-2021-44228%2... Source hrbrmstr         1578392826378952704 2022/10/07
lightmare8 https://www.tenable.com/security/research/tra-2021-13 Source lightmare8       1580760882392764416 2022/10/14
lightmare8 https://twitter.com/lightmare8/status/1580760882392764416/p... Source lightmare8       1580760882392764416 2022/10/14
lightmare8 https://iototsecnews.jp/2021/08/07/cve-2021-20090-actively-... Source lightmare8       1580764927689895936 2022/10/14

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com241
lists.astaro.com30
news.ycombinator.com5
medium.com4
www.tenable.com4
www.adslzone.net4
ift.tt3
twitter.com3
www.nsa.gov3
threatpost.com3
blogs.juniper.net3
thehackernews.com3
securityaffairs.co3
www.bleepingcomputer.com3
ipssignatures.appspot.com3

Information from Twitter

User URL Info Source
autumn_good_35 nsa.gov Show Tweet
autumn_good_35 twitter.com Show Tweet
hrbrmstr viz.greynoise.io Show Tweet
lightmare8 tenable.com Show Tweet
lightmare8 twitter.com Show Tweet
lightmare8 iototsecnews.jp Show Tweet

GitHub Search Results: Up to 10
NameURL
No Data

GitHub Search Results: Up to 10
NameURL
No Data

2022/10/14 Score : 0
Added Har-sia Database : 2021/04/30
Last Modified : 2022/10/14
Highest Scored Date : 2021/08/08
Highest Score : 55