Login Sign Up

CVE-2023-24544

8.1 HIGH

📋 TL;DR

An improper access control vulnerability in Buffalo network switches allows network-adjacent attackers to access specific files, potentially enabling unauthorized configuration changes. This affects multiple Buffalo Gigabit switch models with firmware versions before specified patches. Organizations using these switches in their networks are at risk.

💻 Affected Systems

Products:
  • BS-GSL2024
  • BS-GSL2016P
  • BS-GSL2016
  • BS-GS2008
  • BS-GS2016
  • BS-GS2024
  • BS-GS2048
  • BS-GS2008P
  • BS-GS2016P
  • BS-GS2024P
Versions: BS-GSL series: Ver. 1.10-0.03 and earlier; BS-GS series: Ver. 1.0.10.01 and earlier
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All affected models in default configuration are vulnerable. Requires network adjacency (same subnet).

📦 What is this software?

Bs Gs2008 Firmware by Buffalo

View all CVEs affecting Bs Gs2008 Firmware →

Bs Gs2008p Firmware by Buffalo

View all CVEs affecting Bs Gs2008p Firmware →

Bs Gs2016 Firmware by Buffalo

View all CVEs affecting Bs Gs2016 Firmware →

Bs Gs2016hp Firmware by Buffalo

View all CVEs affecting Bs Gs2016hp Firmware →

Bs Gs2016p Firmware by Buffalo

View all CVEs affecting Bs Gs2016p Firmware →

Bs Gs2016p Firmware by Buffalo

View all CVEs affecting Bs Gs2016p Firmware →

Bs Gs2024 Firmware by Buffalo

View all CVEs affecting Bs Gs2024 Firmware →

Bs Gs2024hp Firmware by Buffalo

View all CVEs affecting Bs Gs2024hp Firmware →

Bs Gs2024p Firmware by Buffalo

View all CVEs affecting Bs Gs2024p Firmware →

Bs Gs2024p Firmware by Buffalo

View all CVEs affecting Bs Gs2024p Firmware →

Bs Gs2048 Firmware by Buffalo

View all CVEs affecting Bs Gs2048 Firmware →

Bs Gsl2016 Firmware by Buffalo

View all CVEs affecting Bs Gsl2016 Firmware →

Bs Gsl2016p Firmware by Buffalo

View all CVEs affecting Bs Gsl2016p Firmware →

Bs Gsl2024 Firmware by Buffalo

View all CVEs affecting Bs Gsl2024 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attacker gains administrative control of network switches, enabling traffic interception, network segmentation bypass, denial of service, or deployment of persistent backdoors.

🟠

Likely Case

Unauthorized configuration changes leading to network disruption, VLAN hopping, or exposure of sensitive network information.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing lateral movement to vulnerable switches.

🌐 Internet-Facing: LOW - Requires network adjacency, not directly exploitable from the internet unless switches are exposed.
🏢 Internal Only: HIGH - Network-adjacent attackers on the same subnet can exploit this without authentication.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

No authentication required, but attacker must be network-adjacent. Specific exploit details not publicly documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: BS-GSL series: Ver. 1.10-0.04; BS-GS series: Ver. 1.0.10.02

Vendor Advisory: https://www.buffalo.jp/news/detail/20230310-01.html

Restart Required: Yes

Instructions:

1. Download latest firmware from Buffalo support site. 2. Log into switch web interface. 3. Navigate to firmware update section. 4. Upload and apply new firmware. 5. Switch will reboot automatically.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate vulnerable switches to separate VLANs with strict access controls

Access Control Lists

all

Implement ACLs to restrict management access to trusted IP addresses only

🧯 If You Can't Patch

  • Segment vulnerable switches to isolated network segments with strict firewall rules
  • Implement network monitoring for unauthorized configuration changes to affected switches

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface or CLI: System Information > Firmware Version

Check Version:

Via web interface: System Information page; CLI command varies by model

Verify Fix Applied:

Confirm firmware version matches patched versions: BS-GSL series ≥1.10-0.04, BS-GS series ≥1.0.10.02

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized configuration changes
  • Unexpected firmware access attempts
  • Multiple failed login attempts followed by configuration changes

Network Indicators:

  • Unexpected traffic patterns from switch management interfaces
  • Configuration file access from unauthorized IPs

SIEM Query:

source="buffalo_switch" AND (event_type="config_change" OR event_type="file_access") AND user="unknown"

📊 Metadata

CVE ID: CVE-2023-24544
CVSS v3 Score: 8.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE: CWE-284
Published: April 11, 2023
Last Updated: February 11, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-24544, you might also want to check these:

CVE-2021-34795 10.0

This critical vulnerability in Cisco Catalyst PON Series Switches ONT web management interface allow...

Same vulnerability type (CWE-284)
CVE-2021-40113 10.0

Multiple vulnerabilities in Cisco Catalyst PON Series Switches ONT web management interface allow un...

Same vulnerability type (CWE-284)
CVE-2026-21636 10.0

A critical vulnerability in Node.js v25's experimental permission model allows attacker-controlled i...

Same vulnerability type (CWE-284)