CVE-2023-24544
Summary
| CVE | CVE-2023-24544 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-04-11 09:15:00 UTC |
| Updated | 2023-04-18 19:36:00 UTC |
| Description | Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Buffalo | Bs-gs2008 | - | All | All | All |
| Hardware | Buffalo | Bs-gs2008p | - | All | All | All |
| Operating System | Buffalo | Bs-gs2008p Firmware | All | All | All | All |
| Operating System | Buffalo | Bs-gs2008 Firmware | All | All | All | All |
| Hardware | Buffalo | Bs-gs2016 | - | All | All | All |
| Hardware | Buffalo | Bs-gs2016hp | - | All | All | All |
| Operating System | Buffalo | Bs-gs2016hp Firmware | All | All | All | All |
| Hardware | Buffalo | Bs-gs2016p | - | All | All | All |
| Operating System | Buffalo | Bs-gs2016p Firmware | All | All | All | All |
| Operating System | Buffalo | Bs-gs2016p Firmware | All | All | All | All |
| Operating System | Buffalo | Bs-gs2016 Firmware | All | All | All | All |
| Hardware | Buffalo | Bs-gs2024 | - | All | All | All |
| Hardware | Buffalo | Bs-gs2024hp | - | All | All | All |
| Operating System | Buffalo | Bs-gs2024hp Firmware | All | All | All | All |
| Hardware | Buffalo | Bs-gs2024p | - | All | All | All |
| Operating System | Buffalo | Bs-gs2024p Firmware | All | All | All | All |
| Operating System | Buffalo | Bs-gs2024p Firmware | All | All | All | All |
| Operating System | Buffalo | Bs-gs2024 Firmware | All | All | All | All |
| Hardware | Buffalo | Bs-gs2048 | - | All | All | All |
| Operating System | Buffalo | Bs-gs2048 Firmware | All | All | All | All |
| Hardware | Buffalo | Bs-gsl2016 | - | All | All | All |
| Hardware | Buffalo | Bs-gsl2016p | - | All | All | All |
| Operating System | Buffalo | Bs-gsl2016p Firmware | All | All | All | All |
| Operating System | Buffalo | Bs-gsl2016 Firmware | All | All | All | All |
| Hardware | Buffalo | Bs-gsl2024 | - | All | All | All |
| Operating System | Buffalo | Bs-gsl2024 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| JVNVU#96824262: Multiple vulnerabilities in Buffalo network devices | MISC | jvn.jp | Third Party Advisory |
| 【更新】スイッチの一部商品における複数の脆弱性とその対処方法 | バッファロー | MISC | www.buffalo.jp | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.