CVE-2021-3511 Information

Description

Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior DWR-HP-G300NH firmware Ver.1.83 and prior HW-450HP-ZWE firmware Ver.1.99 and prior WHR-300HP firmware Ver.1.99 and prior WHR-300 firmware Ver.1.99 and prior WHR-G301N firmware Ver.1.86 and prior WHR-HP-G300N firmware Ver.1.99 and prior WHR-HP-GN firmware Ver.1.86 and prior WPL-05G300 firmware Ver.1.87 and prior WZR-450HP-CWT firmware Ver.1.99 and prior WZR-450HP-UB firmware Ver.1.99 and prior WZR-HP-AG300H firmware Ver.1.75 and prior WZR-HP-G300NH firmware Ver.1.83 and prior WZR-HP-G301NH firmware Ver.1.83 and prior WZR-HP-G302H firmware Ver.1.85 and prior WZR-HP-G450H firmware Ver.1.89 and prior WZR-300HP firmware Ver.1.99 and prior WZR-450HP firmware Ver.1.99 and prior WZR-600DHP firmware Ver.1.99 and prior WZR-D1100H firmware Ver.1.99 and prior FS-HP-G300N firmware Ver.3.32 and prior FS-600DHP firmware Ver.3.38 and prior FS-R600DHP firmware Ver.3.39 and prior and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to obtain information such as configuration via unspecified vectors.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Reference

https://jvn.jp/en/vu/JVNVU99235714/index.html https://www.buffalo.jp/news/detail/20210427-01.html

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

NONE

Base Severity

4.3