CVE-2011-1324

Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password.

Published: 2011-05-09 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2011-1324 is rated Low Risk (34.3/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.08%). Monitor for updates and reassess as exploit intelligence or EPSS changes.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2011-1324

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2023-03-07 1.05% 0.08% -0.97%
2 2022-02-04 1.05%

Full EPSS history (2 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2011-1324

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.8 2.0 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 8.6 4.9 [email protected]

Weakness enumeration for CVE-2011-1324

Affected software / configurations for CVE-2011-1324

Vendor Product Version Raw CPE
buffalotech bbr-4hg_firmware 1.02 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.02:*:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.04 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.04:*:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.04 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.04:beta:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.10 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.10:*:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.10 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.10:beta:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.11 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.11:beta:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.12 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.12:*:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.20 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.20:*:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.20 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.20:beta:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.30 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.30:*:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.30 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.30:beta:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.31 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.31:*:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.32 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.32:*:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.32 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.32:beta:*:*:*:*:*:*
buffalotech bbr-4hg_firmware 1.33 cpe:2.3:a:buffalotech:bbr-4hg_firmware:1.33:beta:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.00 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.00:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.01 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.01:beta:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.03 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.03:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.04 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.04:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.04 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.04:beta:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.10 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.10:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.10 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.10:beta:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.11 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.11:beta:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.12 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.12:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.20 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.20:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.20 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.20:beta:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.30 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.30:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.30 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.30:beta:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.31 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.31:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.32 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.32:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.32 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.32:beta:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.33 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.33:*:*:*:*:*:*:*
buffalotech bbr-4mg_firmware 1.33 cpe:2.3:a:buffalotech:bbr-4mg_firmware:1.33:beta:*:*:*:*:*:*
buffalotech bhr-4rv_firmware 2.31 cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.31:*:*:*:*:*:*:*
buffalotech bhr-4rv_firmware 2.32 cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.32:prebeta:*:*:*:*:*:*
buffalotech bhr-4rv_firmware 2.33 cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.33:prebeta:*:*:*:*:*:*
buffalotech bhr-4rv_firmware 2.42 cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.42:*:*:*:*:*:*:*
buffalotech bhr-4rv_firmware 2.46 cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.46:*:*:*:*:*:*:*
buffalotech bhr-4rv_firmware 2.48 cpe:2.3:a:buffalotech:bhr-4rv_firmware:2.48:*:*:*:*:*:*:*
buffalotech fs-g54_firmware 2.07 cpe:2.3:a:buffalotech:fs-g54_firmware:2.07:*:*:*:*:*:*:*
buffalotech wer-a54g54_firmware 1.00 cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.00:*:*:*:*:*:*:*
buffalotech wer-a54g54_firmware 1.01 cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.01:beta:*:*:*:*:*:*
buffalotech wer-a54g54_firmware 1.02 cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.02:*:*:*:*:*:*:*
buffalotech wer-a54g54_firmware 1.03 cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.03:*:*:*:*:*:*:*
buffalotech wer-a54g54_firmware 1.10 cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.10:*:*:*:*:*:*:*
buffalotech wer-a54g54_firmware 1.12 cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.12:*:*:*:*:*:*:*
buffalotech wer-a54g54_firmware 1.12 cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.12:beta:*:*:*:*:*:*
buffalotech wer-a54g54_firmware 1.13 cpe:2.3:a:buffalotech:wer-a54g54_firmware:1.13:*:*:*:*:*:*:*
buffalotech wer-ag54_firmware 1.04 cpe:2.3:a:buffalotech:wer-ag54_firmware:1.04:*:*:*:*:*:*:*
buffalotech wer-ag54_firmware 1.12 cpe:2.3:a:buffalotech:wer-ag54_firmware:1.12:*:*:*:*:*:*:*
buffalotech wer-ag54_firmware 1.12 cpe:2.3:a:buffalotech:wer-ag54_firmware:1.12:beta:*:*:*:*:*:*
buffalotech wer-am54g54_firmware 1.11 cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.11:*:*:*:*:*:*:*
buffalotech wer-am54g54_firmware 1.12 cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.12:*:*:*:*:*:*:*
buffalotech wer-am54g54_firmware 1.12 cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.12:beta:*:*:*:*:*:*
buffalotech wer-am54g54_firmware 1.13 cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.13:*:*:*:*:*:*:*
buffalotech wer-am54g54_firmware 1.14 cpe:2.3:a:buffalotech:wer-am54g54_firmware:1.14:*:*:*:*:*:*:*
buffalotech wer-amg54_firmware 1.11 cpe:2.3:a:buffalotech:wer-amg54_firmware:1.11:*:*:*:*:*:*:*
buffalotech wer-amg54_firmware 1.12 cpe:2.3:a:buffalotech:wer-amg54_firmware:1.12:*:*:*:*:*:*:*
buffalotech wer-amg54_firmware 1.14 cpe:2.3:a:buffalotech:wer-amg54_firmware:1.14:*:*:*:*:*:*:*
buffalotech whr-am54g54_firmware 1.30 cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.30:*:*:*:*:*:*:*
buffalotech whr-am54g54_firmware 1.38 cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.38:*:*:*:*:*:*:*
buffalotech whr-am54g54_firmware 1.40 cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.40:*:*:*:*:*:*:*
buffalotech whr-am54g54_firmware 1.42 cpe:2.3:a:buffalotech:whr-am54g54_firmware:1.42:*:*:*:*:*:*:*
buffalotech whr-amg54_firmware 1.31 cpe:2.3:a:buffalotech:whr-amg54_firmware:1.31:*:*:*:*:*:*:*
buffalotech whr-amg54_firmware 1.38 cpe:2.3:a:buffalotech:whr-amg54_firmware:1.38:*:*:*:*:*:*:*
buffalotech whr-amg54_firmware 1.40 cpe:2.3:a:buffalotech:whr-amg54_firmware:1.40:*:*:*:*:*:*:*
buffalotech whr-amg54_firmware 1.42 cpe:2.3:a:buffalotech:whr-amg54_firmware:1.42:*:*:*:*:*:*:*
buffalotech whr-ampg_firmware 1.46 cpe:2.3:a:buffalotech:whr-ampg_firmware:1.46:*:*:*:*:*:*:*
buffalotech whr-g_firmware 1.46 cpe:2.3:a:buffalotech:whr-g_firmware:1.46:*:*:*:*:*:*:*
buffalotech whr-g54s_firmware 1.20 cpe:2.3:a:buffalotech:whr-g54s_firmware:1.20:*:*:*:*:*:*:*
buffalotech whr-g54s_firmware 1.21 cpe:2.3:a:buffalotech:whr-g54s_firmware:1.21:*:*:*:*:*:*:*
buffalotech whr-g54s_firmware 1.23 cpe:2.3:a:buffalotech:whr-g54s_firmware:1.23:*:*:*:*:*:*:*
buffalotech whr-g54s_firmware 1.38 cpe:2.3:a:buffalotech:whr-g54s_firmware:1.38:*:*:*:*:*:*:*
buffalotech whr-g54s_firmware 1.40 cpe:2.3:a:buffalotech:whr-g54s_firmware:1.40:*:*:*:*:*:*:*
buffalotech whr-g54s_firmware 1.42 cpe:2.3:a:buffalotech:whr-g54s_firmware:1.42:*:*:*:*:*:*:*
buffalotech whr-hp-ampg_firmware 1.32 cpe:2.3:a:buffalotech:whr-hp-ampg_firmware:1.32:*:*:*:*:*:*:*
buffalotech whr-hp-g_firmware 1.46 cpe:2.3:a:buffalotech:whr-hp-g_firmware:1.46:*:*:*:*:*:*:*
buffalotech whr-hp-g54_firmware 1.20 cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.20:*:*:*:*:*:*:*
buffalotech whr-hp-g54_firmware 1.21 cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.21:*:*:*:*:*:*:*
buffalotech whr-hp-g54_firmware 1.23 cpe:2.3:a:buffalotech:whr-hp-g54_firmware:1.23:*:*:*:*:*:*:*

References for CVE-2011-1324

cvelogic Threat Intelligence