Published:2023/03/07  Last Updated:2023/03/07

JVNVU#96824262
Multiple vulnerabilities in Buffalo network devices

Overview

Multiple network devices provided by BUFFALO INC. contain multiple vulnerabilities.

Products Affected

CVE-2023-26588, CVE-2023-24544

  • BS-GSL2024 firmware Ver. 1.10-0.03 and earlier
  • BS-GSL2016P firmware Ver. 1.10-0.03 and earlier
  • BS-GSL2016 firmware Ver. 1.10-0.03 and earlier
  • BS-GS2008 firmware Ver. 1.0.10.01 and earlier
  • BS-GS2016 firmware Ver. 1.0.10.01 and earlier
  • BS-GS2024 firmware Ver. 1.0.10.01 and earlier
  • BS-GS2048 firmware Ver. 1.0.10.01 and earlier
  • BS-GS2008P firmware Ver. 1.0.10.01 and earlier
  • BS-GS2016P firmware Ver. 1.0.10.01 and earlier
  • BS-GS2024P firmware Ver. 1.0.10.01 and earlier
CVE-2023-24464
  • BS-GS2008 firmware Ver. 1.0.10.01 and earlier
  • BS-GS2016 firmware Ver. 1.0.10.01 and earlier
  • BS-GS2024 firmware Ver. 1.0.10.01 and earlier
  • BS-GS2048 firmware Ver. 1.0.10.01 and earlier
  • BS-GS2008P firmware Ver. 1.0.10.01 and earlier
  • BS-GS2016P firmware Ver. 1.0.10.01 and earlier
  • BS-GS2024P firmware Ver. 1.0.10.01 and earlier

Description

Multiple network devices provided by BUFFALO INC. contain multiple vulnerabilities listed below.

  • Use of hard-coded credentials (CWE-798) - CVE-2023-26588
    CVSS v3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score: 2.4
  • Improper access control (CWE-284) - CVE-2023-24544
    CVSS v3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Base Score: 6.5
  • Stored cross-site scripting (CWE-79) - CVE-2023-24464
    CVSS v3 CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 4.0

Impact

  • An attacker with physical access to the product may use the hard-coded credentials to access its debug function - CVE-2023-26588
  • An unauthenticated attacker on an adjacent network may obtain specific files from the product and, as a result, alter the product settings - CVE-2023-24544
  • An attacker with access to the web management console may store a script that is executed in a legitimate user's web browser when that user views the affected page - CVE-2023-24464

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.

Vendor Status

Vendor        Status      Last Update  Vendor Notes
BUFFALO INC.  Vulnerable  2023/03/07   BUFFALO INC. website

Credit

Thomas J. Knudsen and Samy Younsi of NeroTeam Security Labs reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.
