Vulnerabilities > CVE-2023-39620 - Unspecified vulnerability in Buffalo Terastation NAS 5410R Firmware 5.000.07

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

buffalo

NVD

Published: 2023-09-08

Updated: 2023-09-12

Summary

An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote attacker to obtain sensitive information via the guest account function.

Vulnerable Configurations

Part	Description	Count
OS	Buffalo Buffalo Terastation NAS 5410R Firmware 5.00-0.07	1
Hardware	Buffalo Buffalo Terastation NAS 5410R -	1

References

https://github.com/bcross520/bcross520.github.io/wiki/Buffalo-Terastation-NAS-Disabled-guest-built%E2%80%90in-account-allows-for-SMB%5CRPC-device-enumeration.
https://github.com/bcross520/bcross520.github.io/wiki/Buffalo-Terastation-NAS-Disabled-guest-built%E2%80%90in-account-allows-for-SMB%5CRPC-device-enumeration