CVE-2017-2126

WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
buffalowapm-1166d_firmware
𝑥
≤ 1.2.7
buffalowapm-apg600h_firmware
𝑥
≤ 1.16.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://buffalo.jp/support_s/s20170718.html
https://jvn.jp/en/jp/JVN48823557/index.html
http://buffalo.jp/support_s/s20170718.html
https://jvn.jp/en/jp/JVN48823557/index.html