JVNDB-2020-000063

Multiple vulnerabilities in Buffalo AirStation WHR-G54S

Overview

Buffalo AirStation WHR-G54S contains multiple vulnerabilities listed below.
* Directory Traversal - CVE-2020-5605
* Cross-site Scripting - CVE-2020-5606

RyotaK reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under the Information Security Early Warning Partnership.

CVSS Severity

CVSS V3 Severity:
Base Metrics: 4.1 (Medium) [IPA Score]
  • Attack Vector: Adjacent Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 2.7 (Low) [IPA Score]
  • Access Vector: Adjacent Network
  • Access Complexity: Low
  • Authentication: Single Instance
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2020-5605.

CVSS V3 Severity:
Base Metrics: 6.1 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics: 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2020-5606.

Affected Products

BUFFALO INC.
  • AirStation WHR-G54S 1.43 and earlier

Impact

* An attacker who is logged in to the product may access sensitive information such as setting values - CVE-2020-5605.
* When a user who is logged in to the product accesses a specially crafted page, an arbitrary script may be executed in the user's web browser - CVE-2020-5606.
Solution

[Apply a workaround]
Applying the following workarounds may mitigate the impacts of these vulnerabilities.

* Log off when the setting screen is not being used.
  This product is designed to log off automatically when the setting screen has not been operated for 5 minutes.
* Do not visit other web pages while logged in to the setting screen.
* Change the default password.

[Do not use the product]
According to the developer, the product is no longer supported, and users are recommended to switch to alternative products.
Please refer to the information provided by the developer for more details.
Vendor Information

BUFFALO INC.
CWE

  1. Path Traversal (CWE-22) [IPA Evaluation]
  2. Cross-site Scripting (CWE-79) [IPA Evaluation]
CVE

  1. CVE-2020-5605
  2. CVE-2020-5606
References

  1. JVN: JVN#09166495
  2. National Vulnerability Database (NVD): CVE-2020-5605
  3. National Vulnerability Database (NVD): CVE-2020-5606
Revision History

  • [2020/09/11] Web page was published.