Cyber Resilience

CVE-2021-3511

Medium

Published: 28 April 2021

Published
28 April 2021
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score 0.0019 41.2th percentile
Risk Priority 9 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-3511 is a medium-severity an unspecified weakness vulnerability in Buffalo Bhr-4Grv Firmware. Its CVSS base score is 4.3 (Medium).

Operationally, ranked at the 41.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware…

more

Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to obtain information such as configuration via unspecified vectors.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

buffalo
bhr-4grv firmware
≤ 2.00
buffalo
dwr-hp-g300nh firmware
≤ 1.84
buffalo
hw-450hp-zwe firmware
≤ 2.00
buffalo
whr-300hp firmware
≤ 2.00
buffalo
whr-300 firmware
≤ 2.00
buffalo
whr-g301n firmware
≤ 1.87
buffalo
whr-hp-g300n firmware
≤ 2.00
buffalo
whr-hp-gn firmware
≤ 1.87
buffalo
wpl-05g300 firmware
≤ 1.88
buffalo
wzr-450hp-cwt firmware
≤ 2.00
+14 more product configuration(s) — see NVD for full list

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References