CVE-2021-20092

HIGH EXPLOITED NUCLEI

Buffalo Wsr-2533dhpl2-bk Firmware < 1.02 - Authentication Bypass

Title source: rule

Description

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.

Nuclei Templates (1)

Buffalo WSR-2533DHPL2 - Improper Access Control

HIGHby gy741,pdteam,parth

References (1)

[Third Party Advisory] https://www.tenable.com/security/research/tra-2021-13

Scores

CVSS v3 7.5

EPSS 0.6876

EPSS Percentile 98.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2025-02-25

CWE

CWE-287

Status published

Products (2)

buffalo/wsr-2533dhp3-bk_firmware < 1.24

buffalo/wsr-2533dhpl2-bk_firmware < 1.02

Published Apr 29, 2021

Tracked Since Feb 18, 2026