CVE-2023-24544 (bs-gs2008_firmware, bs-gs2008p_firmware, bs-gs2016_firmware, bs-gs2016hp_firmware, bs-gs2016p_firmware, bs-gs2024_firmware, bs-gs2024hp_firmware, bs-gs2024p_firmware, bs-gs2048_firmware, bs-gsl2016_firmware, bs-gsl2016p_firmware, bs-g

Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware …

access access control buffalo control cve devices files firmware may network network devices product products result settings vulnerability