You see this notification on the Trend Micro Home Network Security app:
"Buffalo LinkStation Authentication Bypass"
Why did this happen?
A bypass authentication vulnerability was detected in the web interface of a Buffalo LinkStation Duo Network Attached Storage (NAS).
This vulnerability puts the confidentiality and integrity of the stored data, as well as the integrity of the device configuration at high risk. Bypassing authentication on Buffalo NAS devices modifies the response to the login request. This allows full access at administrator level giving complete control of the device.
What are its risks?
This vulnerability allows an unauthenticated attacker to gain administrative privileges on a Buffalo LinkStation. All attached storage devices may then be accessed by the attacker. This puts the available data at risk, as confidential information may be disclosed, and valuable information may be destroyed or manipulated.
What should I do next?
- Install the latest firmware version on your network device to ensure proper server-side authentication. Guide me how.
- Set a password for your Guest user account, which is by default present and enabled, but does not have a password.
