Vulnerability and firmware update to Buffalo's router products, etc.
On April 27, the IPA (Independent Administrative Organization Information Processing Promotion Organization) and JPCERT/CC (JPCERT Coordination Center) announced multiple vulnerabilities in Buffalo routers and network devices on April 27.
The applicable router products are as follows.These router products have a deficiency with incomplete access restrictions, so the configuration information may be stolen by a third party on the adjacent network or the ROOT authority may be executed any OS command.The latest firmware that has revised the vulnerability is provided, and it is called for updating if you are using the product.
In addition, it was announced that there are vulnerabilities (CWE-912) that enable debug functions in the following network products.In this vulnerability, a third party may access the debug function, perform any command execution, unauthorized code execution, change settings, and hinder service operation (DOS).Since the support of the product has ended, replacement for alternative products is guided.
![[Osaka Marriott Miyako Hotel] Plenty of cheese! Italian buffet held company release | Nikkan Kogyo Shimbun electronic version](https://website-google-hk.oss-cn-hongkong.aliyuncs.com/drawing/article_results_9/2022/3/28/1061eb31530c979d7b766ae1877b113a_0.jpeg)
