CVE-2011-1324
09.05.2011, 19:55
Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password.
| Vendor | Product | Version |
|---|---|---|
| buffalotech | bbr-4hg_firmware | 1.02 |
| buffalotech | bbr-4hg_firmware | 1.04 |
| buffalotech | bbr-4hg_firmware | 1.04:beta |
| buffalotech | bbr-4hg_firmware | 1.10 |
| buffalotech | bbr-4hg_firmware | 1.10:beta |
| buffalotech | bbr-4hg_firmware | 1.11:beta |
| buffalotech | bbr-4hg_firmware | 1.12 |
| buffalotech | bbr-4hg_firmware | 1.20 |
| buffalotech | bbr-4hg_firmware | 1.20:beta |
| buffalotech | bbr-4hg_firmware | 1.30 |
| buffalotech | bbr-4hg_firmware | 1.30:beta |
| buffalotech | bbr-4hg_firmware | 1.31 |
| buffalotech | bbr-4hg_firmware | 1.32 |
| buffalotech | bbr-4hg_firmware | 1.32:beta |
| buffalotech | bbr-4hg_firmware | 1.33:beta |
| buffalotech | bbr-4mg_firmware | 1.00 |
| buffalotech | bbr-4mg_firmware | 1.01:beta |
| buffalotech | bbr-4mg_firmware | 1.03 |
| buffalotech | bbr-4mg_firmware | 1.04 |
| buffalotech | bbr-4mg_firmware | 1.04:beta |
| buffalotech | bbr-4mg_firmware | 1.10 |
| buffalotech | bbr-4mg_firmware | 1.10:beta |
| buffalotech | bbr-4mg_firmware | 1.11:beta |
| buffalotech | bbr-4mg_firmware | 1.12 |
| buffalotech | bbr-4mg_firmware | 1.20 |
| buffalotech | bbr-4mg_firmware | 1.20:beta |
| buffalotech | bbr-4mg_firmware | 1.30 |
| buffalotech | bbr-4mg_firmware | 1.30:beta |
| buffalotech | bbr-4mg_firmware | 1.31 |
| buffalotech | bbr-4mg_firmware | 1.32 |
| buffalotech | bbr-4mg_firmware | 1.32:beta |
| buffalotech | bbr-4mg_firmware | 1.33 |
| buffalotech | bbr-4mg_firmware | 1.33:beta |
| buffalotech | bhr-4rv_firmware | 2.31 |
| buffalotech | bhr-4rv_firmware | 2.32:prebeta |
| buffalotech | bhr-4rv_firmware | 2.33:prebeta |
| buffalotech | bhr-4rv_firmware | 2.42 |
| buffalotech | bhr-4rv_firmware | 2.46 |
| buffalotech | bhr-4rv_firmware | 2.48 |
| buffalotech | fs-g54_firmware | 2.07 |
| buffalotech | wer-a54g54_firmware | 1.00 |
| buffalotech | wer-a54g54_firmware | 1.01:beta |
| buffalotech | wer-a54g54_firmware | 1.02 |
| buffalotech | wer-a54g54_firmware | 1.03 |
| buffalotech | wer-a54g54_firmware | 1.10 |
| buffalotech | wer-a54g54_firmware | 1.12 |
| buffalotech | wer-a54g54_firmware | 1.12:beta |
| buffalotech | wer-a54g54_firmware | 1.13 |
| buffalotech | wer-ag54_firmware | 1.04 |
| buffalotech | wer-ag54_firmware | 1.12 |
| buffalotech | wer-ag54_firmware | 1.12:beta |
| buffalotech | wer-am54g54_firmware | 1.11 |
| buffalotech | wer-am54g54_firmware | 1.12 |
| buffalotech | wer-am54g54_firmware | 1.12:beta |
| buffalotech | wer-am54g54_firmware | 1.13 |
| buffalotech | wer-am54g54_firmware | 1.14 |
| buffalotech | wer-amg54_firmware | 1.11 |
| buffalotech | wer-amg54_firmware | 1.12 |
| buffalotech | wer-amg54_firmware | 1.14 |
| buffalotech | whr-am54g54_firmware | 1.30 |
| buffalotech | whr-am54g54_firmware | 1.38 |
| buffalotech | whr-am54g54_firmware | 1.40 |
| buffalotech | whr-am54g54_firmware | 1.42 |
| buffalotech | whr-amg54_firmware | 1.31 |
| buffalotech | whr-amg54_firmware | 1.38 |
| buffalotech | whr-amg54_firmware | 1.40 |
| buffalotech | whr-amg54_firmware | 1.42 |
| buffalotech | whr-ampg_firmware | 1.46 |
| buffalotech | whr-g_firmware | 1.46 |
| buffalotech | whr-g54s_firmware | 1.20 |
| buffalotech | whr-g54s_firmware | 1.21 |
| buffalotech | whr-g54s_firmware | 1.23 |
| buffalotech | whr-g54s_firmware | 1.38 |
| buffalotech | whr-g54s_firmware | 1.40 |
| buffalotech | whr-g54s_firmware | 1.42 |
| buffalotech | whr-hp-ampg_firmware | 1.32 |
| buffalotech | whr-hp-g_firmware | 1.46 |
| buffalotech | whr-hp-g54_firmware | 1.20 |
| buffalotech | whr-hp-g54_firmware | 1.21 |
| buffalotech | whr-hp-g54_firmware | 1.23 |
| buffalotech | whr-hp-g54_firmware | 1.38 |
| buffalotech | whr-hp-g54_firmware | 1.40 |
| buffalotech | whr-hp-g54_firmware | 1.42 |
| buffalotech | wzr-ampg144nh_firmware | 1.47 |
| buffalotech | wzr-ampg144nh_firmware | 1.48:beta |
| buffalotech | wzr-ampg300nh_firmware | 1.48 |
| buffalotech | wzr-g144n_firmware | 1.45 |
| buffalotech | wzr-g144n_firmware | 1.46:beta |
| buffalotech | wzr-g144n_firmware | 1.47 |
| buffalotech | wzr-g144n_firmware | 1.47:beta |
| buffalotech | wzr-g144nh_firmware | 1.45 |
| buffalotech | wzr-g144nh_firmware | 1.47 |
| buffalotech | wzr-g144nh_firmware | 1.47:beta |
| buffalotech | wzr-g144nh_firmware | 1.48 |
| buffalotech | wzr2-g300n_firmware | 1.48 |
| buffalotech | wzr2-g300n_firmware | 1.50:beta |
| buffalotech | as-100 | * |
| buffalotech | bbr-4hg | * |
| buffalotech | bbr-4mg | * |
| buffalotech | bhr-4rv | * |
| buffalotech | fs-g54 | * |
| buffalotech | wer-a54g54 | * |
| buffalotech | wer-ag54 | * |
| buffalotech | wer-am54g54 | * |
| buffalotech | wer-amg54 | * |
| buffalotech | whr-am54g54 | * |
| buffalotech | whr-amg54 | * |
| buffalotech | whr-ampg | * |
| buffalotech | whr-g | * |
| buffalotech | whr-g54s | * |
| buffalotech | whr-hp-ampg | * |
| buffalotech | whr-hp-g | * |
| buffalotech | whr-hp-g54 | * |
| buffalotech | wzr-ampg144nh | * |
| buffalotech | wzr-ampg300nh | * |
| buffalotech | wzr-g144n | * |
| buffalotech | wzr-g144nh | * |
| buffalotech | wzr2-g300n | * |
𝑥
= Vulnerable software versions
Common Weakness Enumeration