PT-2025-9993 · Buffalo · Buffalo Ls520D

Published

2025-03-06

·

Updated

2025-03-07

·

CVE-2025-26167

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Buffalo LS520D version 4.53
Description The issue allows unauthenticated attackers to access the NAS web UI and read arbitrary internal files.
Recommendations For Buffalo LS520D version 4.53, update to a newer version that contains a fix for this issue.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2025-26167

Affected Products

Buffalo Ls520D