CVE-2023-26588
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-02-26 CVE Reserved
- 2023-04-11 CVE Published
- 2024-08-02 CVE Updated
- 2024-11-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-668: Exposure of Resource to Wrong Sphere
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://jvn.jp/en/vu/JVNVU96824262 | 2023-04-18 |
| URL | Date | SRC |
|---|---|---|
| https://www.buffalo.jp/news/detail/20230310-01.html | 2023-04-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Buffalo Search vendor "Buffalo" | Bs-gsl2024 Firmware Search vendor "Buffalo" for product "Bs-gsl2024 Firmware" | <= 1.10-0.03 Search vendor "Buffalo" for product "Bs-gsl2024 Firmware" and version " <= 1.10-0.03" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gsl2024 Search vendor "Buffalo" for product "Bs-gsl2024" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gsl2016p Firmware Search vendor "Buffalo" for product "Bs-gsl2016p Firmware" | <= 1.10-0.03 Search vendor "Buffalo" for product "Bs-gsl2016p Firmware" and version " <= 1.10-0.03" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gsl2016p Search vendor "Buffalo" for product "Bs-gsl2016p" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gsl2016 Firmware Search vendor "Buffalo" for product "Bs-gsl2016 Firmware" | <= 1.10-0.03 Search vendor "Buffalo" for product "Bs-gsl2016 Firmware" and version " <= 1.10-0.03" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gsl2016 Search vendor "Buffalo" for product "Bs-gsl2016" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2008 Firmware Search vendor "Buffalo" for product "Bs-gs2008 Firmware" | <= 1.0.10.01 Search vendor "Buffalo" for product "Bs-gs2008 Firmware" and version " <= 1.0.10.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2008 Search vendor "Buffalo" for product "Bs-gs2008" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2016 Firmware Search vendor "Buffalo" for product "Bs-gs2016 Firmware" | <= 1.0.10.01 Search vendor "Buffalo" for product "Bs-gs2016 Firmware" and version " <= 1.0.10.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2016 Search vendor "Buffalo" for product "Bs-gs2016" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2024 Firmware Search vendor "Buffalo" for product "Bs-gs2024 Firmware" | <= 1.0.10.01 Search vendor "Buffalo" for product "Bs-gs2024 Firmware" and version " <= 1.0.10.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2024 Search vendor "Buffalo" for product "Bs-gs2024" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2048 Firmware Search vendor "Buffalo" for product "Bs-gs2048 Firmware" | <= 1.0.10.01 Search vendor "Buffalo" for product "Bs-gs2048 Firmware" and version " <= 1.0.10.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2048 Search vendor "Buffalo" for product "Bs-gs2048" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2008p Firmware Search vendor "Buffalo" for product "Bs-gs2008p Firmware" | <= 1.0.10.01 Search vendor "Buffalo" for product "Bs-gs2008p Firmware" and version " <= 1.0.10.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2008p Search vendor "Buffalo" for product "Bs-gs2008p" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2016p Firmware Search vendor "Buffalo" for product "Bs-gs2016p Firmware" | <= 1.0.10.01 Search vendor "Buffalo" for product "Bs-gs2016p Firmware" and version " <= 1.0.10.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2016p Search vendor "Buffalo" for product "Bs-gs2016p" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2024p Firmware Search vendor "Buffalo" for product "Bs-gs2024p Firmware" | <= 1.0.10.01 Search vendor "Buffalo" for product "Bs-gs2024p Firmware" and version " <= 1.0.10.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2024p Search vendor "Buffalo" for product "Bs-gs2024p" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gsl2005 Firmware Search vendor "Buffalo" for product "Bs-gsl2005 Firmware" | < 1.12-0.01 Search vendor "Buffalo" for product "Bs-gsl2005 Firmware" and version " < 1.12-0.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gsl2005 Search vendor "Buffalo" for product "Bs-gsl2005" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gsl2008 Firmware Search vendor "Buffalo" for product "Bs-gsl2008 Firmware" | < 1.12-0.01 Search vendor "Buffalo" for product "Bs-gsl2008 Firmware" and version " < 1.12-0.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gsl2008 Search vendor "Buffalo" for product "Bs-gsl2008" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gsl2005p Firmware Search vendor "Buffalo" for product "Bs-gsl2005p Firmware" | < 1.11-0.01 Search vendor "Buffalo" for product "Bs-gsl2005p Firmware" and version " < 1.11-0.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gsl2005p Search vendor "Buffalo" for product "Bs-gsl2005p" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gsl2008p Firmware Search vendor "Buffalo" for product "Bs-gsl2008p Firmware" | < 1.11-0.01 Search vendor "Buffalo" for product "Bs-gsl2008p Firmware" and version " < 1.11-0.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gsl2008p Search vendor "Buffalo" for product "Bs-gsl2008p" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2016p Firmware Search vendor "Buffalo" for product "Bs-gs2016p Firmware" | < 1.1.7.01 Search vendor "Buffalo" for product "Bs-gs2016p Firmware" and version " < 1.1.7.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2016p Search vendor "Buffalo" for product "Bs-gs2016p" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2016hp Firmware Search vendor "Buffalo" for product "Bs-gs2016hp Firmware" | < 1.1.7.01 Search vendor "Buffalo" for product "Bs-gs2016hp Firmware" and version " < 1.1.7.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2016hp Search vendor "Buffalo" for product "Bs-gs2016hp" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2024p Firmware Search vendor "Buffalo" for product "Bs-gs2024p Firmware" | < 1.1.7.01 Search vendor "Buffalo" for product "Bs-gs2024p Firmware" and version " < 1.1.7.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2024p Search vendor "Buffalo" for product "Bs-gs2024p" | - | - |
Safe
|
| Buffalo Search vendor "Buffalo" | Bs-gs2024hp Firmware Search vendor "Buffalo" for product "Bs-gs2024hp Firmware" | < 1.1.7.01 Search vendor "Buffalo" for product "Bs-gs2024hp Firmware" and version " < 1.1.7.01" | - |
Affected
| in | Buffalo Search vendor "Buffalo" | Bs-gs2024hp Search vendor "Buffalo" for product "Bs-gs2024hp" | - | - |
Safe
|