CVE-2021-20092 PoC — Buffalo WSR-2533DHPL2 授权问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-20092.yaml

Associated Vulnerability

Title:Buffalo WSR-2533DHPL2 授权问题漏洞 (CVE-2021-20092)
Description:Buffalo WSR-2533DHPL2是日本Buffalo公司的一个路由器。 Buffalo WSR-2533DHPL2 存在授权问题漏洞，该漏洞源于web界面的访问限制不当。以下产品及版本受到影响：WSR-2533DHPL2: 1.02。

Description

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.

File Snapshot


 id: CVE-2021-20092

info:
  name: Buffalo WSR-2533DHPL2 - Improper Access Control
  author: gy741,pd

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!