Vulnerabilities > CVE-2018-13324 - Incorrect Authorization vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
buffalo
CWE-863
critical

Summary

Incorrect access control in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to bypass authentication by sending a modified HTTP Host header.

Vulnerable Configurations

Part Description Count
OS
Buffalo
1
Hardware
Buffalo
1

Common Weakness Enumeration (CWE)