PT-2018-11742 · Buffalo · Buffalo Ts5600D1206

Published

2018-11-26

Updated

2018-12-31

CVE-2018-13319

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Buffalo TS5600D1206 version 3.61-0.10

Description The issue allows attackers to determine sensitive device information via an unauthenticated POST request due to incorrect access control in the get portal info function.

Recommendations For Buffalo TS5600D1206 version 3.61-0.10, consider restricting access to the get portal info function until a patch is available.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-13319

Affected Products

Buffalo Ts5600D1206

PT-2018-11742 · Buffalo · Buffalo Ts5600D1206

CVE-2018-13319

Weakness Enumeration

Related Identifiers

Affected Products

References · 3