Sensitive Information at Risk: VR-S1000 Firmware Vulnerability
CVE-2023-51363

6.5MEDIUM

Key Information:

Vendor: BUFFALO INC.
Status: VR-S1000
Vendor: CVE Published:; 26 December 2023

🔔 Create BUFFALO INC. Vulnerability Alert

Badges

📰 News Worthy

What is CVE-2023-51363?

VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information.

Affected Version(s)

VR-S1000 firmware Ver. 2.37 and earlier

News Articles

Penetration Testing

CVE-2023-51363 CVE-2024-0519

CVE-2023-51363 Archives

VulnerabilityDecember 27, 2023The Urgent Need to Patch Buffalo’s VR-S1000 VPN RouterIn the digital era, small and medium-sized businesses have become increasingly reliant on the Internet for their daily...

References

https://www.buffalo.jp/news/detail/20231225-01.html

https://jvn.jp/en/jp/JVN23771490/

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by Penetration Testing
Jan 24, 2024
Vulnerability published
Dec 26, 2023
Vulnerability Reserved
Dec 18, 2023