PT-2019-8697 · Buffalo · Bn-Sdwbp3

Taizoh Tsukamoto

Published

2019-01-09

Updated

2019-02-11

CVE-2018-0676

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions BN-SDWBP3 firmware versions 1.0.9 and earlier

Description The issue allows an attacker on the same network segment to bypass authentication and access the management screen, where they can execute an arbitrary command. The exact vectors used for this exploitation are not specified.

Recommendations For BN-SDWBP3 firmware versions 1.0.9 and earlier, update to a version later than 1.0.9 to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2018-0676

Affected Products

Bn-Sdwbp3

PT-2019-8697 · Buffalo · Bn-Sdwbp3

CVE-2018-0676

Weakness Enumeration

Related Identifiers

Affected Products

References · 4