CVE-2021-3511 - OpenCVE

Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to obtain information such as configuration via unspecified vectors.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:A/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Buffalo	Wzr-d1100h Wzr-450hp-cwt Wzr-hp-ag300h Firmware Wzr-600dhp Firmware Hw-450hp-zwe Firmware Wzr-hp-g301nh Firmware Whr-300hp Firmware Wzr-hp-g450h Firmware Bhr-4grv Firmware Fs-600dhp Firmware Fs-r600dhp Firmware Fs-g300n Firmware Fs-hp-g300n Wzr-hp-g301nh Wzr-450hp-ub Bhr-4grv Wzr-450hp-ub Firmware Wzr-d1100h Firmware Whr-300hp Wpl-05g300 Whr-g301n Whr-hp-g300n Firmware Wzr-hp-g300nh Wzr-hp-g450h Wzr-300hp Whr-g301n Firmware Wzr-hp-ag300h Wzr-300hp Firmware Whr-hp-g300n Wzr-hp-g302h Firmware Fs-hp-g300n Firmware Whr-hp-gn Wzr-450hp Wpl-05g300 Firmware Fs-r600dhp Whr-300 Firmware Hw-450hp-zwe Wzr-450hp-cwt Firmware Wzr-450hp Firmware Wzr-hp-g302h Fs-600dhp Dwr-hp-g300nh Whr-300 Whr-hp-gn Firmware Wzr-hp-g300nh Firmware Dwr-hp-g300nh Firmware Wzr-600dhp Fs-g300n

Configuration 1 [-]

AND

cpe:2.3:o:buffalo:bhr-4grv_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:bhr-4grv:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:buffalo:dwr-hp-g300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:dwr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:buffalo:hw-450hp-zwe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:hw-450hp-zwe:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:buffalo:whr-300hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-300hp:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:buffalo:whr-300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-300:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:buffalo:whr-g301n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g301n:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:buffalo:whr-hp-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-g300n:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:buffalo:whr-hp-gn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-gn:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:buffalo:wpl-05g300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wpl-05g300:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:buffalo:wzr-450hp-cwt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-450hp-cwt:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:buffalo:wzr-450hp-ub_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-450hp-ub:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-ag300h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-ag300h:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g301nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g301nh:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g302h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g302h:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g450h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g450h:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:buffalo:wzr-300hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-300hp:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:buffalo:wzr-450hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-450hp:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:buffalo:wzr-600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:buffalo:wzr-d1100h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-d1100h:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:buffalo:fs-hp-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-hp-g300n:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:buffalo:fs-600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-600dhp:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:buffalo:fs-r600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-r600dhp:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:buffalo:fs-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-g300n:-:*:*:*:*:*:*:*

References

Link	Resource
https://jvn.jp/en/vu/JVNVU99235714/index.html	Third Party Advisory
https://www.buffalo.jp/news/detail/20210427-01.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2021-04-28T00:45:26

Updated: 2021-04-28T00:45:26

Reserved: 2021-04-22T00:00:00

Link: CVE-2021-3511

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-04-28T01:15:17.153

Modified: 2022-07-12T17:42:04.277

Link: CVE-2021-3511

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other