Is CVE-2021-20092 known to be exploited?

12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Buffalo Wsr-2533dhpl2, Wsr-2533dhp3

Q: What is CVE-2021-20092?

CVE-2021-20092 is a vulnerability in Buffalo Wsr-2533dhpl2, Wsr-2533dhp3. Published 2021-04-29.

CVE-2021-20092

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.

EPSS: 0.688 (98.6th percentile) — read the EPSS interpretation.

Affected products

N/a Buffalo Wsr-2533dhpl2, Wsr-2533dhp3 — versions WSR-2533DHPL2 <=1.02, WSR-2533DHP3 <= 1.24

Public proof-of-concept exploits

0day404/vulnerability-poc
20142995/nuclei-templates
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
ArrestX/--POC
KayCHENvip/vulnerability-poc
Miraitowa70/POC-Notes
Threekiii/Awesome-POC
XiaomingX/awesome-poc-for-red-team

References

www.tenable.com/security/research/tra-2021-13 (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-20092?: CVE-2021-20092 is a vulnerability in Buffalo Wsr-2533dhpl2, Wsr-2533dhp3. Published 2021-04-29.
Is CVE-2021-20092 known to be exploited?: 12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.