Vulnerabilities > CVE-2018-13324 - Incorrect Authorization vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
buffalo
CWE-863

Summary

Incorrect access control in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to bypass authentication by sending a modified HTTP Host header.

Vulnerable Configurations

Part Description Count
OS
Buffalo
1
Hardware
Buffalo
1

Common Weakness Enumeration (CWE)