← Back

CVE-2011-1324

nvd nist
Published: May 9, 2011Modified: Apr 29, 2026

JSON object

Loading...
5.8
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:P
Exploitability: 8.6 / Impact: 4.9
Source: NVD

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password.

Affected (118)

Buffalotech
43 products
As 100
Bbr 4hg
Bbr 4hg Firmware
Bbr 4mg
Bbr 4mg Firmware
Bhr 4rv
Bhr 4rv Firmware
Fs G54
Fs G54 Firmware
Wer A54g54
Wer A54g54 Firmware
Wer Ag54
Wer Ag54 Firmware
Wer Am54g54
Wer Am54g54 Firmware
Wer Amg54
Wer Amg54 Firmware
Whr Am54g54
Whr Am54g54 Firmware
Whr Amg54
Whr Amg54 Firmware
Whr Ampg
Whr Ampg Firmware
Whr G
Whr G54s
Whr G54s Firmware
Whr G Firmware
Whr Hp Ampg
Whr Hp Ampg Firmware
Whr Hp G
Whr Hp G54
Whr Hp G54 Firmware
Whr Hp G Firmware
Wzr Ampg144nh
Wzr Ampg144nh Firmware
Wzr Ampg300nh
Wzr Ampg300nh Firmware
Wzr G144n
Wzr G144n Firmware
Wzr G144nh
Wzr G144nh Firmware
Wzr2 G300n
Wzr2 G300n Firmware
Configuration A
118 vulnerable
Vulnerable SoftwareAffected Versions
As 100
All versions
Bbr 4hg
All versions
Buffalotech
Bbr 4hg Firmware
Version 1.02
Bbr 4hg Firmware
Version 1.04
Bbr 4hg Firmware
Version 1.04 beta
Bbr 4hg Firmware
Version 1.10
Bbr 4hg Firmware
Version 1.10 beta
Bbr 4hg Firmware
Version 1.11 beta
Bbr 4hg Firmware
Version 1.12
Bbr 4hg Firmware
Version 1.20
Bbr 4hg Firmware
Version 1.20 beta
Bbr 4hg Firmware
Version 1.30
Bbr 4hg Firmware
Version 1.30 beta
Bbr 4hg Firmware
Version 1.31
Bbr 4hg Firmware
Version 1.32
Bbr 4hg Firmware
Version 1.32 beta
Bbr 4hg Firmware
Version 1.33 beta
Bbr 4mg
All versions
Buffalotech
Bbr 4mg Firmware
Version 1.00
Bbr 4mg Firmware
Version 1.01 beta
Bbr 4mg Firmware
Version 1.03
Bbr 4mg Firmware
Version 1.04
Bbr 4mg Firmware
Version 1.04 beta
Bbr 4mg Firmware
Version 1.10
Bbr 4mg Firmware
Version 1.10 beta
Bbr 4mg Firmware
Version 1.11 beta
Bbr 4mg Firmware
Version 1.12
Bbr 4mg Firmware
Version 1.20
Bbr 4mg Firmware
Version 1.20 beta
Bbr 4mg Firmware
Version 1.30
Bbr 4mg Firmware
Version 1.30 beta
Bbr 4mg Firmware
Version 1.31
Bbr 4mg Firmware
Version 1.32
Bbr 4mg Firmware
Version 1.32 beta
Bbr 4mg Firmware
Version 1.33
Bbr 4mg Firmware
Version 1.33 beta
Bhr 4rv
All versions
Buffalotech
Bhr 4rv Firmware
Version 2.31
Bhr 4rv Firmware
Version 2.32 prebeta
Bhr 4rv Firmware
Version 2.33 prebeta
Bhr 4rv Firmware
Version 2.42
Bhr 4rv Firmware
Version 2.46
Bhr 4rv Firmware
Version 2.48
Fs G54
All versions
Fs G54 Firmware
Version 2.07
Wer A54g54
All versions
Buffalotech
Wer A54g54 Firmware
Version 1.00
Wer A54g54 Firmware
Version 1.01 beta
Wer A54g54 Firmware
Version 1.02
Wer A54g54 Firmware
Version 1.03
Wer A54g54 Firmware
Version 1.10
Wer A54g54 Firmware
Version 1.12
Wer A54g54 Firmware
Version 1.12 beta
Wer A54g54 Firmware
Version 1.13
Wer Ag54
All versions
Buffalotech
Wer Ag54 Firmware
Version 1.04
Wer Ag54 Firmware
Version 1.12
Wer Ag54 Firmware
Version 1.12 beta
Wer Am54g54
All versions
Buffalotech
Wer Am54g54 Firmware
Version 1.11
Wer Am54g54 Firmware
Version 1.12
Wer Am54g54 Firmware
Version 1.12 beta
Wer Am54g54 Firmware
Version 1.13
Wer Am54g54 Firmware
Version 1.14
Wer Amg54
All versions
Buffalotech
Wer Amg54 Firmware
Version 1.11
Wer Amg54 Firmware
Version 1.12
Wer Amg54 Firmware
Version 1.14
Whr Am54g54
All versions
Buffalotech
Whr Am54g54 Firmware
Version 1.30
Whr Am54g54 Firmware
Version 1.38
Whr Am54g54 Firmware
Version 1.40
Whr Am54g54 Firmware
Version 1.42
Whr Amg54
All versions
Buffalotech
Whr Amg54 Firmware
Version 1.31
Whr Amg54 Firmware
Version 1.38
Whr Amg54 Firmware
Version 1.40
Whr Amg54 Firmware
Version 1.42
Whr Ampg
All versions
Whr Ampg Firmware
Version 1.46
Whr G
All versions
Whr G54s
All versions
Buffalotech
Whr G54s Firmware
Version 1.20
Whr G54s Firmware
Version 1.21
Whr G54s Firmware
Version 1.23
Whr G54s Firmware
Version 1.38
Whr G54s Firmware
Version 1.40
Whr G54s Firmware
Version 1.42
Whr G Firmware
Version 1.46
Whr Hp Ampg
All versions
Whr Hp Ampg Firmware
Version 1.32
Whr Hp G
All versions
Whr Hp G54
All versions
Buffalotech
Whr Hp G54 Firmware
Version 1.20
Whr Hp G54 Firmware
Version 1.21
Whr Hp G54 Firmware
Version 1.23
Whr Hp G54 Firmware
Version 1.38
Whr Hp G54 Firmware
Version 1.40
Whr Hp G54 Firmware
Version 1.42
Whr Hp G Firmware
Version 1.46
Wzr Ampg144nh
All versions
Buffalotech
Wzr Ampg144nh Firmware
Version 1.47
Wzr Ampg144nh Firmware
Version 1.48 beta
Wzr Ampg300nh
All versions
Wzr Ampg300nh Firmware
Version 1.48
Wzr G144n
All versions
Buffalotech
Wzr G144n Firmware
Version 1.45
Wzr G144n Firmware
Version 1.46 beta
Wzr G144n Firmware
Version 1.47
Wzr G144n Firmware
Version 1.47 beta
Wzr G144nh
All versions
Buffalotech
Wzr G144nh Firmware
Version 1.45
Wzr G144nh Firmware
Version 1.47
Wzr G144nh Firmware
Version 1.47 beta
Wzr G144nh Firmware
Version 1.48
Wzr2 G300n
All versions
Buffalotech
Wzr2 G300n Firmware
Version 1.48
Wzr2 G300n Firmware
Version 1.50 beta

Related CWEs

CWE-352
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (4)

Source: vultures@jpcert.or.jp
Source: vultures@jpcert.or.jp
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.