CVE-2021-20090

Name of the Vulnerable Software and Affected Versions Buffalo WSR-2533DHPL2 firmware version <= 1.02 Buffalo WSR-2533DHP3 firmware version <= 1.24

Description A path traversal vulnerability in the web interfaces of Buffalo routers could allow unauthenticated remote attackers to bypass authentication. This issue is related to the possibility of directory path traversal, which may enable a remote attacker to circumvent the authentication process.

Recommendations For Buffalo WSR-2533DHPL2 firmware version <= 1.02, consider disabling remote access to the web interface until a patch is available. For Buffalo WSR-2533DHP3 firmware version <= 1.24, restrict access to the vulnerable web interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.