CVE-2021-20090

CRITICAL KEV NUCLEI

Buffalo Wsr-2533dhpl2-bk Firmware < 1.02 - Path Traversal

Title source: rule

Description

A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.

Nuclei Templates (1)

Buffalo WSR-2533DHPL2 - Path Traversal
CRITICALby gy741

References (4)

Scores

CVSS v3 9.8
EPSS 0.9437
EPSS Percentile 100.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2021-08-06
InTheWild.io 2021-08-06
ENISA EUVD EUVD-2021-7547
CWE
CWE-22
Status published
Products (2)
buffalo/wsr-2533dhp3-bk_firmware < 1.24
buffalo/wsr-2533dhpl2-bk_firmware < 1.02
Published Apr 29, 2021
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026