CVE-2021-20730
First published: Wed Jun 09 2021(Updated: )
Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Buffalo WSR-1166DHP4 | <=1.02 | |
| Buffalo WSR-1166DHP4 | ||
| Buffalo WSR-1166DHP3 Firmware | <=1.16 | |
| Buffalo WSR-1166DHP3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-20730?
CVE-2021-20730 is an improper access control vulnerability in the WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior, which allows an attacker to obtain configuration information.
What is the severity of CVE-2021-20730?
The severity of CVE-2021-20730 is medium with a CVSS score of 4.3.
How does CVE-2021-20730 affect Buffalo WSR-1166DHP3?
CVE-2021-20730 affects Buffalo WSR-1166DHP3 firmware versions up to and including 1.16.
How does CVE-2021-20730 affect Buffalo WSR-1166DHP4?
CVE-2021-20730 affects Buffalo WSR-1166DHP4 firmware versions up to and including 1.02.
How can I fix CVE-2021-20730?
To fix CVE-2021-20730, you should update the firmware of your Buffalo WSR-1166DHP3 or WSR-1166DHP4 router to a version that is not vulnerable.
- agent/type
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/buffalo
- canonical/buffalo wsr-1166dhp4
- version/buffalo wsr-1166dhp4/1.02
- canonical/buffalo wsr-1166dhp3 firmware
- version/buffalo wsr-1166dhp3 firmware/1.16
- canonical/buffalo wsr-1166dhp3