CVE-2011-1324 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR WZR2 WZR WER and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings as demonstrated by changing the login password.

Reference

http://buffalo.jp/support_s/20080808/csrf.html http://jvn.jp/en/jp/JVN50505257/index.html