Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Buffalo AirStation WHR-G54S Web Management 跨站请求伪造漏洞
Vulnerability Description
Buffalo AirStation WHR-G54S 1.20版本中的设备管理界面存在跨站请求伪造漏洞,远程攻击者以管理员身份借助cgi-bin/cgi的inp req参数中的res参数中特定HTML页面的HTTP请求改变配置。例如访问(1) ap.html和(2) filter_ip.html。
CVSS Information
N/A
Vulnerability Type
N/A