Vulnerability Details CVE-2023-24544
Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.0%
CVSS Severity
CVSS v3 Score 8.1
References
Products affected by CVE-2023-24544
-
cpe:2.3:h:buffalo:bs-gs2008:-
-
cpe:2.3:h:buffalo:bs-gs2008p:-
-
cpe:2.3:h:buffalo:bs-gs2016:-
-
cpe:2.3:h:buffalo:bs-gs2016hp:-
-
cpe:2.3:h:buffalo:bs-gs2016p:-
-
cpe:2.3:h:buffalo:bs-gs2024:-
-
cpe:2.3:h:buffalo:bs-gs2024hp:-
-
cpe:2.3:h:buffalo:bs-gs2024p:-
-
cpe:2.3:h:buffalo:bs-gs2048:-
-
cpe:2.3:h:buffalo:bs-gsl2016:-
-
cpe:2.3:h:buffalo:bs-gsl2016p:-
-
cpe:2.3:h:buffalo:bs-gsl2024:-
-
cpe:2.3:o:buffalo:bs-gs2008_firmware:-
-
cpe:2.3:o:buffalo:bs-gs2008_firmware:1.0.10.01
-
cpe:2.3:o:buffalo:bs-gs2008p_firmware:-
-
cpe:2.3:o:buffalo:bs-gs2008p_firmware:1.0.10.01
-
cpe:2.3:o:buffalo:bs-gs2016_firmware:-
-
cpe:2.3:o:buffalo:bs-gs2016_firmware:1.0.10.01
-
cpe:2.3:o:buffalo:bs-gs2016hp_firmware:-
-
cpe:2.3:o:buffalo:bs-gs2016p_firmware:-
-
cpe:2.3:o:buffalo:bs-gs2016p_firmware:1.0.10.01
-
cpe:2.3:o:buffalo:bs-gs2024_firmware:-
-
cpe:2.3:o:buffalo:bs-gs2024_firmware:1.0.10.01
-
cpe:2.3:o:buffalo:bs-gs2024hp_firmware:-
-
cpe:2.3:o:buffalo:bs-gs2024p_firmware:-
-
cpe:2.3:o:buffalo:bs-gs2024p_firmware:1.0.10.01
-
cpe:2.3:o:buffalo:bs-gs2048_firmware:-
-
cpe:2.3:o:buffalo:bs-gs2048_firmware:1.0.10.01
-
cpe:2.3:o:buffalo:bs-gsl2016_firmware:-
-
cpe:2.3:o:buffalo:bs-gsl2016_firmware:1.10-0.03
-
cpe:2.3:o:buffalo:bs-gsl2016p_firmware:-
-
cpe:2.3:o:buffalo:bs-gsl2016p_firmware:1.10-0.03
-
cpe:2.3:o:buffalo:bs-gsl2024_firmware:-
-
cpe:2.3:o:buffalo:bs-gsl2024_firmware:1.10-0.03