MidnightBSD

Advisories for buffalo

CVE-2016-4815 MEDIUM

Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
buffalo wzr-900dhp2_firmware *
buffalo wzr-900dhp_firmware *
buffalo wzr-600dhp2_firmware *
buffalo wzr-s900dhp_firmware *
buffalo wzr-600dhp3_firmware *
buffalo wzr-s600dhp_firmware *
CVE-2016-4816 MEDIUM

BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
buffalo wzr-1750dhp2_firmware *
buffalo wxr-1750dhp_firmware *
buffalo wapm-ag300n_firmware *
buffalo wzr-hp-g300nh_firmware *
buffalo wzr-d1100h_firmware *
buffalo wzr-hp-g301nh_firmware *
buffalo wzr-300hp_firmware *
buffalo hw-450hp-zwe_firmware *
buffalo wzr-900dhp2_firmware *
buffalo wcr-300_firmware *
buffalo wzr-s900dhp_firmware *
buffalo wzr-hp-ag300h_firmware *
buffalo wzr-600dhp3_firmware *
buffalo whr-300_firmware *
buffalo wzr-1166dhp_firmware *
buffalo whr-hp-g300n_firmware *
buffalo wxr-1900dhp_firmware *
buffalo wzr-450hp_firmware *
buffalo dwr-hp-g300nh_firmware *
buffalo wapm-apg300n_firmware *
buffalo wzr-450hp-ub_firmware *
buffalo wzr-s600dhp_firmware *
buffalo wzr-600dhp_firmware 1.97
buffalo wzr-hp-g302h_firmware *
buffalo wzr-s1750dhp_firmware *
buffalo wzr-hp-g450h_firmware *
buffalo wzr-1166dhp2_firmware *
buffalo wzr-450hp-cwt_firmware *
buffalo whr-300hp_firmware *
buffalo wzr-1750dhp_firmware *
buffalo wzr-900dhp_firmware *
buffalo fs-600dhp_firmware *
buffalo wpl-05g300_firmware *
buffalo bhr-4grv_firmware *
CVE-2017-10811 HIGH

Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
buffalo wcr-1166ds_firmware 1.30
CVE-2017-10896 MEDIUM

Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
buffalo bbr-4mg_firmware *
buffalo bbr-4hg_firmware *
CVE-2017-10897 MEDIUM

Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
buffalo bbr-4mg_firmware *
buffalo bbr-4hg_firmware *
CVE-2017-2126 HIGH

WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
buffalo wapm-apg600h_firmware *
buffalo wapm-1166d_firmware *
CVE-2017-2273 MEDIUM

Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
buffalo wmr-433w_firmware *
buffalo wmr-433_firmware *
CVE-2017-2274 MEDIUM

Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
buffalo wmr-433w_firmware *
buffalo wmr-433_firmware *
CVE-2018-0521 HIGH

Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-306,

Products Affected

Vendor Product Version
buffalo wxr-1900dhp2_firmware *
CVE-2018-0522 MEDIUM

Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary code via a specially crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
buffalo wxr-1900dhp2_firmware *
CVE-2018-0523 HIGH

Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
buffalo wxr-1900dhp2_firmware *
CVE-2018-0554 HIGH

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-306,

Products Affected

Vendor Product Version
buffalo wzr-1750dhp2_firmware *
CVE-2018-0555 HIGH

Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
buffalo wzr-1750dhp2_firmware *
CVE-2018-0556 HIGH

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
buffalo wzr-1750dhp2_firmware *
CVE-2018-13318 MEDIUM

System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
buffalo ts5600d1206_firmware 3.61-0.10
CVE-2018-13319 MEDIUM

Incorrect access control in get_portal_info in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to determine sensitive device information via an unauthenticated POST request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
buffalo ts5600d1206_firmware 3.61-0.10
CVE-2018-13320 MEDIUM

System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10 allows attackers to execute system commands via the adminUsername and adminPassword parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
buffalo ts5600d1206_firmware 3.61-0.10
CVE-2018-13321 MEDIUM

Incorrect access controls in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allow attackers to call dangerous internal functions via the "method" parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
buffalo ts5600d1206_firmware 3.61-0.10
CVE-2018-13322 MEDIUM

Directory traversal in list_folders method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to list directory contents via the "path" parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
buffalo ts5600d1206_firmware 3.61-0.10
CVE-2018-13323 MEDIUM

Cross-site scripting in detail.html in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute JavaScript via the "username" cookie.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
buffalo ts5600d1206_firmware 3.61-0.10
CVE-2018-13324 HIGH

Incorrect access control in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to bypass authentication by sending a modified HTTP Host header.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-863,

Products Affected

Vendor Product Version
buffalo ts5600d1206_firmware 3.61-0.10
CVE-2018-16960 MEDIUM

An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/login.php has Reflected XSS via the xd_user_formal_name parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
buffalo open_xdmod *
CVE-2018-16961 MEDIUM

An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/dl_publication.php allows Path traversal via the file parameter, allowing remote attackers to read PDF files in arbitrary directories.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
buffalo open_xdmod *
CVE-2020-5605 MEDIUM

Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
buffalo airstation_whr-g54s_firmware *
CVE-2020-5606 MEDIUM

Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
buffalo airstation_whr-g54s_firmware *
CVE-2021-20090 HIGH

A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
buffalo wsr-2533dhpl2-bk_firmware *
buffalo wsr-2533dhp3-bk_firmware *
CVE-2021-20091 MEDIUM

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
buffalo wsr-2533dhpl2-bk_firmware *
buffalo wsr-2533dhp3-bk_firmware *
CVE-2021-20092 MEDIUM

The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
buffalo wsr-2533dhpl2-bk_firmware *
buffalo wsr-2533dhp3-bk_firmware *
CVE-2021-20716 HIGH

Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54 firmware Ver.2.32 and prior, WBR2-G54-KD firmware Ver.2.32 and prior, WBR-B11 firmware Ver.2.23 and prior, WBR-G54 firmware Ver.2.23 and prior, WBR-G54L firmware Ver.2.20 and prior, WHR2-A54G54 firmware Ver.2.25 and prior, WHR2-G54 firmware Ver.2.23 and prior, WHR2-G54V firmware Ver.2.55 and prior, WHR3-AG54 firmware Ver.2.23 and prior, WHR-G54 firmware Ver.2.16 and prior, WHR-G54-NF firmware Ver.2.10 and prior, WLA2-G54 firmware Ver.2.24 and prior, WLA2-G54C firmware Ver.2.24 and prior, WLA-B11 firmware Ver.2.20 and prior, WLA-G54 firmware Ver.2.20 and prior, WLA-G54C firmware Ver.2.20 and prior, WLAH-A54G54 firmware Ver.2.54 and prior, WLAH-AM54G54 firmware Ver.2.54 and prior, WLAH-G54 firmware Ver.2.54 and prior, WLI2-TX1-AG54 firmware Ver.2.53 and prior, WLI2-TX1-AMG54 firmware Ver.2.53 and prior, WLI2-TX1-G54 firmware Ver.2.20 and prior, WLI3-TX1-AMG54 firmware Ver.2.53 and prior, WLI3-TX1-G54 firmware Ver.2.53 and prior, WLI-T1-B11 firmware Ver.2.20 and prior, WLI-TX1-G54 firmware Ver.2.20 and prior, WVR-G54-NF firmware Ver.2.02 and prior, WZR-G108 firmware Ver.2.41 and prior, WZR-G54 firmware Ver.2.41 and prior, WZR-HP-G54 firmware Ver.2.41 and prior, WZR-RS-G54 firmware Ver.2.55 and prior, and WZR-RS-G54HP firmware Ver.2.55 and prior) allows a remote attacker to enable the debug option and to execute arbitrary code or OS commands, change the configuration, and cause a denial of service (DoS) condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
buffalo whr-g54-nf_firmware *
buffalo whr2-a54g54_firmware *
buffalo wbr-g54l_firmware *
buffalo wlah-g54_firmware *
buffalo wzr-rs-g54hp_firmware *
buffalo wli3-tx1-amg54_firmware *
buffalo wzr-rs-g54_firmware *
buffalo wla-g54_firmware *
buffalo wbr2-g54-kd_firmware *
buffalo whr2-g54v_firmware *
buffalo wli3-tx1-g54_firmware *
buffalo wla-b11_firmware *
buffalo wlah-am54g54_firmware *
buffalo wbr-g54_firmware *
buffalo wla2-g54c_firmware *
buffalo wlah-a54g54_firmware *
buffalo wzr-g54_firmware *
buffalo wbr-b11_firmware *
buffalo bhr-4rv_firmware *
buffalo wvr-g54-nf_firmware *
buffalo wzr-hp-g54_firmware *
buffalo wla2-g54_firmware *
buffalo whr2-g54_firmware *
buffalo fs-g54_firmware *
buffalo whr3-ag54_firmware *
buffalo wbr2-g54_firmware *
buffalo wli2-tx1-g54_firmware *
buffalo whr-g54_firmware *
buffalo wla-g54c_firmware *
buffalo wzr-g108_firmware *
buffalo wli2-tx1-ag54_firmware *
buffalo wli-tx1-g54_firmware *
buffalo wbr2-b11_firmware *
buffalo wli2-tx1-amg54_firmware *
buffalo wli-t1-b11_firmware *
CVE-2021-20730 LOW

Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
buffalo wsr-1166dhp4_firmware *
buffalo wsr-1166dhp3_firmware *
CVE-2021-20731 HIGH

WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allow an attacker to execute arbitrary OS commands with root privileges via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
buffalo wsr-1166dhp4_firmware *
buffalo wsr-1166dhp3_firmware *
CVE-2021-3511 LOW

Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to obtain information such as configuration via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
buffalo fs-hp-g300n_firmware *
buffalo wzr-hp-g300nh_firmware *
buffalo wzr-d1100h_firmware *
buffalo wzr-hp-g301nh_firmware *
buffalo wzr-300hp_firmware *
buffalo wzr-600dhp_firmware *
buffalo hw-450hp-zwe_firmware *
buffalo whr-hp-gn_firmware *
buffalo wzr-hp-ag300h_firmware *
buffalo whr-300_firmware *
buffalo whr-g301n_firmware *
buffalo fs-g300n_firmware *
buffalo whr-hp-g300n_firmware *
buffalo wzr-450hp_firmware *
buffalo dwr-hp-g300nh_firmware *
buffalo wzr-450hp-ub_firmware *
buffalo fs-r600dhp_firmware *
buffalo wzr-hp-g302h_firmware *
buffalo wzr-hp-g450h_firmware *
buffalo wzr-450hp-cwt_firmware *
buffalo whr-300hp_firmware *
buffalo fs-600dhp_firmware *
buffalo wpl-05g300_firmware *
buffalo bhr-4grv_firmware *
CVE-2021-3512 HIGH

Improper access control vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to bypass access restriction and to start telnet service and execute arbitrary OS commands with root privileges via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
buffalo fs-hp-g300n_firmware *
buffalo wzr-hp-g300nh_firmware *
buffalo wzr-d1100h_firmware *
buffalo wzr-hp-g301nh_firmware *
buffalo wzr-300hp_firmware *
buffalo wzr-600dhp_firmware *
buffalo hw-450hp-zwe_firmware *
buffalo whr-hp-gn_firmware *
buffalo wzr-hp-ag300h_firmware *
buffalo whr-300_firmware *
buffalo whr-g301n_firmware *
buffalo fs-g300n_firmware *
buffalo whr-hp-g300n_firmware *
buffalo wzr-450hp_firmware *
buffalo dwr-hp-g300nh_firmware *
buffalo wzr-450hp-ub_firmware *
buffalo fs-r600dhp_firmware *
buffalo wzr-hp-g302h_firmware *
buffalo wzr-hp-g450h_firmware *
buffalo wzr-450hp-cwt_firmware *
buffalo whr-300hp_firmware *
buffalo fs-600dhp_firmware *
buffalo wpl-05g300_firmware *
buffalo bhr-4grv_firmware *
CVE-2022-34840

Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, and WZR-D1100H firmware Ver. 2.00 and earlier.

Products Affected

Vendor Product Version
buffalo wzr-450hp_firmware *
buffalo wzr-900dhp_firmware *
buffalo wzr-450hp-ub_firmware *
buffalo wzr-600dhp2_firmware *
buffalo wzr-d1100h_firmware *
buffalo wzr-300hp_firmware *
buffalo wzr-600dhp_firmware *
buffalo wzr-450hp-cwt_firmware *
buffalo hw-450hp-zwe_firmware *
CVE-2022-39044

Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WLI-TX4-AG300N firmware Ver. 1.53 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WZR2-G108 firmware Ver. 1.33 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, and WZR-HP-G450H firmware Ver. 1.90 and earlier.

Products Affected

Vendor Product Version
buffalo whr-hp-g54_firmware *
buffalo wzr-ampg144nh_firmware *
buffalo wzr2-g108_firmware *
buffalo wzr-g144n_firmware *
buffalo wzr-d1100h_firmware *
buffalo wer-a54g54_firmware *
buffalo wer-am54g54_firmware *
buffalo wzr-300hp_firmware *
buffalo wzr-600dhp_firmware *
buffalo wli-tx4-ag300n_firmware *
buffalo whr-ampg_firmware *
buffalo whr-g_firmware *
buffalo whr-am54g54_firmware *
buffalo whr-g54s_firmware *
buffalo wli-h4-d600_firmware *
buffalo wzr-agl300nh_firmware *
buffalo wcr-300_firmware *
buffalo wzr-hp-ag300h_firmware *
buffalo wer-ag54_firmware *
buffalo whr-g54s-ni_firmware *
buffalo wer-amg54_firmware *
buffalo fs-g300n_firmware *
buffalo wzr-450hp-ub_firmware *
buffalo whr-amg54_firmware *
buffalo whr-hp-g_firmware *
buffalo wzr-hp-g302h_firmware *
buffalo wzr-ampg300nh_firmware *
buffalo wzr-g144nh_firmware *
buffalo wzr-900dhp_firmware *
buffalo fs-600dhp_firmware *
buffalo ws024bf_firmware *
buffalo fs-hp-g300n_firmware *
buffalo ws024bf-nw_firmware *
buffalo wzr-600dhp2_firmware *
buffalo wzr-hp-g300nh_firmware *
buffalo wzr-hp-g301nh_firmware *
buffalo hw-450hp-zwe_firmware *
buffalo dwr-pg_firmware *
buffalo whr-hp-gn_firmware *
buffalo whr-300_firmware *
buffalo whr-g301n_firmware *
buffalo whr-hp-g300n_firmware *
buffalo wzr-450hp_firmware *
buffalo dwr-hp-g300nh_firmware *
buffalo whr-hp-ampg_firmware *
buffalo fs-r600dhp_firmware *
buffalo wzr2-g300n_firmware *
buffalo wzr-hp-g450h_firmware *
buffalo wzr-450hp-cwt_firmware *
buffalo whr-300hp_firmware *
buffalo wlae-ag300n_firmware *
buffalo wpl-05g300_firmware *
buffalo bhr-4grv_firmware *
buffalo whr-g300n_firmware *
CVE-2022-40966

Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier.

Products Affected

Vendor Product Version
buffalo whr-hp-g54_firmware *
buffalo wzr-ampg144nh_firmware *
buffalo wzr-g144n_firmware *
buffalo wzr-d1100h_firmware *
buffalo wer-a54g54_firmware *
buffalo wer-am54g54_firmware *
buffalo wzr-300hp_firmware *
buffalo wzr-600dhp_firmware *
buffalo wxr-1750dhp2_firmware *
buffalo whr-ampg_firmware *
buffalo whr-g_firmware *
buffalo wzr-900dhp2_firmware *
buffalo whr-am54g54_firmware *
buffalo whr-g54s_firmware *
buffalo wli-h4-d600_firmware *
buffalo wzr-agl300nh_firmware *
buffalo wcr-300_firmware *
buffalo wzr-hp-ag300h_firmware *
buffalo wer-ag54_firmware *
buffalo whr-g54s-ni_firmware *
buffalo wzr-600dhp3_firmware *
buffalo wer-amg54_firmware *
buffalo fs-g300n_firmware *
buffalo wxr-1900dhp_firmware *
buffalo wxr-1900dhp2_firmware *
buffalo wzr-450hp-ub_firmware *
buffalo whr-amg54_firmware *
buffalo whr-hp-g_firmware *
buffalo wzr-s600dhp_firmware *
buffalo wzr-hp-g302h_firmware *
buffalo wzr-ampg300nh_firmware *
buffalo wzr-g144nh_firmware *
buffalo wzr-900dhp_firmware *
buffalo fs-600dhp_firmware *
buffalo wem-1266_firmware *
buffalo ws024bf_firmware *
buffalo fs-hp-g300n_firmware *
buffalo wzr-1750dhp2_firmware *
buffalo wem-1266wp_firmware *
buffalo ws024bf-nw_firmware *
buffalo wxr-1750dhp_firmware *
buffalo wzr-600dhp2_firmware *
buffalo wxr-5950ax12_firmware *
buffalo wzr-hp-g300nh_firmware *
buffalo wzr-hp-g301nh_firmware *
buffalo hw-450hp-zwe_firmware *
buffalo dwr-pg_firmware *
buffalo wxr-1900dhp3_firmware *
buffalo whr-hp-gn_firmware *
buffalo wxr-6000ax12s_firmware *
buffalo wzr-s900dhp_firmware *
buffalo whr-300_firmware *
buffalo wtr-m2133hs_firmware *
buffalo whr-g301n_firmware *
buffalo wzr-1166dhp_firmware *
buffalo whr-hp-g300n_firmware *
buffalo wxr-6000ax12b_firmware *
buffalo wzr-450hp_firmware *
buffalo dwr-hp-g300nh_firmware *
buffalo whr-hp-ampg_firmware *
buffalo fs-r600dhp_firmware *
buffalo wtr-m2133hp_firmware *
buffalo wzr-s1750dhp_firmware *
buffalo wzr2-g300n_firmware *
buffalo wzr-hp-g450h_firmware *
buffalo wrm-d2133hs_firmware *
buffalo wzr-1166dhp2_firmware *
buffalo wzr-450hp-cwt_firmware *
buffalo whr-300hp_firmware *
buffalo wrm-d2133hp_firmware *
buffalo wlae-ag300n_firmware *
buffalo wzr-1750dhp_firmware *
buffalo wpl-05g300_firmware *
buffalo bhr-4grv_firmware *
buffalo whr-g300n_firmware *
CVE-2022-43443

OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page.

Products Affected

Vendor Product Version
buffalo wsr-2533dhp2_firmware *
buffalo wsr-2533dhpl2_firmware *
buffalo wsr-3200ax4b_firmware 1.25
buffalo wsr-a2533dhp2_firmware *
buffalo wsr-2533dhpl_firmware *
buffalo wsr-3200ax4s_firmware *
buffalo wsr-2533dhp3_firmware *
buffalo wsr-a2533dhp3_firmware *
buffalo wsr-2533dhp_firmware *
buffalo wsr-2533dhpls_firmware *
buffalo wcr-1166ds_firmware *
CVE-2022-43466

OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program.

Products Affected

Vendor Product Version
buffalo wsr-2533dhp2_firmware *
buffalo wex-1800ax4_firmware *
buffalo wsr-2533dhpl2_firmware *
buffalo wsr-3200ax4b_firmware 1.25
buffalo wsr-a2533dhp2_firmware *
buffalo wex-1800ax4ea_firmware *
buffalo wsr-3200ax4s_firmware *
buffalo wsr-2533dhp3_firmware *
buffalo wsr-a2533dhp3_firmware *
buffalo wsr-2533dhpls_firmware *
CVE-2022-43486

Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices.

Products Affected

Vendor Product Version
buffalo wsr-2533dhp2_firmware *
buffalo wsr-2533dhpl2_firmware *
buffalo wsr-3200ax4b_firmware 1.25
buffalo wsr-3200ax4s_firmware *
buffalo wsr-2533dhp3_firmware *
buffalo wsr-a2533dhp3_firmware *
buffalo wsr-2533dhpls_firmware *
buffalo wex-1800ax4_firmware *
buffalo wsr-a2533dhp2_firmware *
buffalo wsr-2533dhpl_firmware *
buffalo wex-1800ax4ea_firmware *
buffalo wsr-2533dhp_firmware *
buffalo wcr-1166ds_firmware *
CVE-2023-24464

Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
buffalo bs-gs2016p_firmware *
buffalo bs-gs2008_firmware *
buffalo bs-gs2008p_firmware *
buffalo bs-gs2048_firmware *
buffalo bs-gs2016_firmware *
buffalo bs-gs2024p_firmware *
buffalo bs-gs2024_firmware *
CVE-2023-24544

Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier

Products Affected

Vendor Product Version
buffalo bs-gs2016p_firmware *
buffalo bs-gs2008p_firmware *
buffalo bs-gs2048_firmware *
buffalo bs-gsl2024_firmware *
buffalo bs-gs2024p_firmware *
buffalo bs-gsl2016_firmware *
buffalo bs-gs2008_firmware *
buffalo bs-gsl2016p_firmware *
buffalo bs-gs2016_firmware *
buffalo bs-gs2016hp_firmware *
buffalo bs-gs2024_firmware *
buffalo bs-gs2024hp_firmware *
CVE-2023-26588

Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016 firmware Ver. 1.10-0.03 and earlier, BS-GS2008 firmware Ver. 1.0.10.01 and earlier, BS-GS2016 firmware Ver. 1.0.10.01 and earlier, BS-GS2024 firmware Ver. 1.0.10.01 and earlier, BS-GS2048 firmware Ver. 1.0.10.01 and earlier, BS-GS2008P firmware Ver. 1.0.10.01 and earlier, BS-GS2016P firmware Ver. 1.0.10.01 and earlier, and BS-GS2024P firmware Ver. 1.0.10.01 and earlier

Products Affected

Vendor Product Version
buffalo bs-gs2016p_firmware *
buffalo bs-gs2008p_firmware *
buffalo bs-gs2048_firmware *
buffalo bs-gsl2005_firmware *
buffalo bs-gsl2024_firmware *
buffalo bs-gsl2008_firmware *
buffalo bs-gs2024p_firmware *
buffalo bs-gsl2005p_firmware *
buffalo bs-gsl2008p_firmware *
buffalo bs-gsl2016_firmware *
buffalo bs-gs2008_firmware *
buffalo bs-gsl2016p_firmware *
buffalo bs-gs2016_firmware *
buffalo bs-gs2016hp_firmware *
buffalo bs-gs2024_firmware *
buffalo bs-gs2024hp_firmware *
CVE-2023-39620

An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote attacker to obtain sensitive information via the guest account function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
buffalo terastation_nas_5410r_firmware 5.00-0.07
CVE-2023-45741

VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

Products Affected

Vendor Product Version
buffalo vr-s1000_firmware *
CVE-2023-46681

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
buffalo vr-s1000_firmware *
CVE-2023-46711

VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
buffalo vr-s1000_firmware *
CVE-2023-49038

Command injection in the ping utility on Buffalo LS210D 1.78-0.03 allows a remote authenticated attacker to inject arbitrary commands onto the NAS as root.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
buffalo ls210d_firmware 1.78-0.03
CVE-2023-51073

An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/update_notifications.sh.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
buffalo ls210d_firmware 1.78-0.03
CVE-2023-51363

VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
buffalo vr-s1000_firmware *
CVE-2024-23486

Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials.

Products Affected

Vendor Product Version
buffalo wsr-2533dhp2_firmware *
buffalo wsr-a2533dhp2_firmware *
buffalo wsr-2533dhpl_firmware *
buffalo wsr-2533dhp_firmware *
CVE-2024-26023

OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.

Products Affected

Vendor Product Version
buffalo wsr-1166dhp_firmware *
buffalo wsr-2533dhp2_firmware *
buffalo wsr-a2533dhp2_firmware *
buffalo wsr-2533dhpl_firmware *
buffalo wsr-2533dhp_firmware *
buffalo wsr-1166dhp2_firmware *
buffalo wcr-1166ds_firmware *
CVE-2026-27650

OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.

Products Affected

Vendor Product Version
buffalo wzr-1750dhp2_firmware *
buffalo wem-1266wp_firmware *
buffalo wxr-1750dhp_firmware *
buffalo wzr-600dhp_firmware -
buffalo wzr-600dhp2_firmware -
buffalo wcr-1166dhpl_firmware *
buffalo wxr-5950ax12_firmware *
buffalo wapm-1266wdpra_firmware *
buffalo wzr-900dhp2_firmware -
buffalo wxr-1900dhp3_firmware *
buffalo wxr-1750dhp2_firmware *
buffalo wapm-1750d_firmware *
buffalo wxr-6000ax12s_firmware *
buffalo wapm-ax8r_firmware *
buffalo wsr3600be4p_firmware *
buffalo wapm-1266wdpr_firmware *
buffalo wzr-900dhp_firmware -
buffalo wxr18000be10p_firmware *
buffalo wtr-m2133hs_firmware *
buffalo wzr-s900dhp_firmware -
buffalo wzr-1166dhp_firmware *
buffalo waps-1266_firmware *
buffalo wxr-1900dhp_firmware *
buffalo wxr-6000ax12b_firmware *
buffalo wxr-1900dhp2_firmware *
buffalo wapm-2133r_firmware *
buffalo wzr-600dhp3_firmware -
buffalo wzr-s600dhp_firmware -
buffalo wtr-m2133hp_firmware *
buffalo wzr-s1750dhp_firmware *
buffalo wsr3600be4-kh_firmware *
buffalo wrm-d2133hs_firmware *
buffalo wzr-1166dhp2_firmware *
buffalo waps-ax4_firmware *
buffalo wapm-ax4r_firmware *
buffalo vr-u500x_firmware *
buffalo fs-s1266_firmware *
buffalo wapm-1266r_firmware *
buffalo wrm-d2133hp_firmware *
buffalo wapm-2133tr_firmware *
buffalo wzr-1750dhp_firmware *
buffalo wapm-axetr_firmware *
buffalo fs-m1266_firmware *
buffalo vr-u300w_firmware *
buffalo wem-1266_firmware *
buffalo wxr-6000ax12p_firmware *
CVE-2026-32669

Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products.

Products Affected

Vendor Product Version
buffalo wzr-1750dhp2_firmware *
buffalo wem-1266wp_firmware *
buffalo wxr-1750dhp_firmware *
buffalo wzr-600dhp_firmware -
buffalo wzr-600dhp2_firmware -
buffalo wcr-1166dhpl_firmware *
buffalo wxr-5950ax12_firmware *
buffalo wapm-1266wdpra_firmware *
buffalo wzr-900dhp2_firmware -
buffalo wxr-1900dhp3_firmware *
buffalo wxr-1750dhp2_firmware *
buffalo wapm-1750d_firmware *
buffalo wxr-6000ax12s_firmware *
buffalo wapm-ax8r_firmware *
buffalo wsr3600be4p_firmware *
buffalo wapm-1266wdpr_firmware *
buffalo wzr-900dhp_firmware -
buffalo wxr18000be10p_firmware *
buffalo wtr-m2133hs_firmware *
buffalo wzr-s900dhp_firmware -
buffalo wzr-1166dhp_firmware *
buffalo waps-1266_firmware *
buffalo wxr-1900dhp_firmware *
buffalo wxr-6000ax12b_firmware *
buffalo wxr-1900dhp2_firmware *
buffalo wapm-2133r_firmware *
buffalo wzr-600dhp3_firmware -
buffalo wzr-s600dhp_firmware -
buffalo wtr-m2133hp_firmware *
buffalo wzr-s1750dhp_firmware *
buffalo wsr3600be4-kh_firmware *
buffalo wrm-d2133hs_firmware *
buffalo wzr-1166dhp2_firmware *
buffalo waps-ax4_firmware *
buffalo wapm-ax4r_firmware *
buffalo vr-u500x_firmware *
buffalo fs-s1266_firmware *
buffalo wapm-1266r_firmware *
buffalo wrm-d2133hp_firmware *
buffalo wapm-2133tr_firmware *
buffalo wzr-1750dhp_firmware *
buffalo wapm-axetr_firmware *
buffalo fs-m1266_firmware *
buffalo vr-u300w_firmware *
buffalo wem-1266_firmware *
buffalo wxr-6000ax12p_firmware *
CVE-2026-32678

Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.

Products Affected

Vendor Product Version
buffalo wzr-1750dhp2_firmware *
buffalo wem-1266wp_firmware *
buffalo wxr-1750dhp_firmware *
buffalo wzr-600dhp_firmware -
buffalo wzr-600dhp2_firmware -
buffalo wcr-1166dhpl_firmware *
buffalo wxr-5950ax12_firmware *
buffalo wapm-1266wdpra_firmware *
buffalo wzr-900dhp2_firmware -
buffalo wxr-1900dhp3_firmware *
buffalo wxr-1750dhp2_firmware *
buffalo wapm-1750d_firmware *
buffalo wxr-6000ax12s_firmware *
buffalo wapm-ax8r_firmware *
buffalo wsr3600be4p_firmware *
buffalo wapm-1266wdpr_firmware *
buffalo wzr-900dhp_firmware -
buffalo wxr18000be10p_firmware *
buffalo wtr-m2133hs_firmware *
buffalo wzr-s900dhp_firmware -
buffalo wzr-1166dhp_firmware *
buffalo waps-1266_firmware *
buffalo wxr-1900dhp_firmware *
buffalo wxr-6000ax12b_firmware *
buffalo wxr-1900dhp2_firmware *
buffalo wapm-2133r_firmware *
buffalo wzr-600dhp3_firmware -
buffalo wzr-s600dhp_firmware -
buffalo wtr-m2133hp_firmware *
buffalo wzr-s1750dhp_firmware *
buffalo wsr3600be4-kh_firmware *
buffalo wrm-d2133hs_firmware *
buffalo wzr-1166dhp2_firmware *
buffalo waps-ax4_firmware *
buffalo wapm-ax4r_firmware *
buffalo vr-u500x_firmware *
buffalo fs-s1266_firmware *
buffalo wapm-1266r_firmware *
buffalo wrm-d2133hp_firmware *
buffalo wapm-2133tr_firmware *
buffalo wzr-1750dhp_firmware *
buffalo wapm-axetr_firmware *
buffalo fs-m1266_firmware *
buffalo vr-u300w_firmware *
buffalo wem-1266_firmware *
buffalo wxr-6000ax12p_firmware *
CVE-2026-33280

Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.

Products Affected

Vendor Product Version
buffalo wzr-1750dhp2_firmware *
buffalo wem-1266wp_firmware *
buffalo wxr-1750dhp_firmware *
buffalo wzr-600dhp_firmware -
buffalo wzr-600dhp2_firmware -
buffalo wcr-1166dhpl_firmware *
buffalo wxr-5950ax12_firmware *
buffalo wapm-1266wdpra_firmware *
buffalo wzr-900dhp2_firmware -
buffalo wxr-1900dhp3_firmware *
buffalo wxr-1750dhp2_firmware *
buffalo wapm-1750d_firmware *
buffalo wxr-6000ax12s_firmware *
buffalo wapm-ax8r_firmware *
buffalo wsr3600be4p_firmware *
buffalo wapm-1266wdpr_firmware *
buffalo wzr-900dhp_firmware -
buffalo wxr18000be10p_firmware *
buffalo wtr-m2133hs_firmware *
buffalo wzr-s900dhp_firmware -
buffalo wzr-1166dhp_firmware *
buffalo waps-1266_firmware *
buffalo wxr-1900dhp_firmware *
buffalo wxr-6000ax12b_firmware *
buffalo wxr-1900dhp2_firmware *
buffalo wapm-2133r_firmware *
buffalo wzr-600dhp3_firmware -
buffalo wzr-s600dhp_firmware -
buffalo wtr-m2133hp_firmware *
buffalo wzr-s1750dhp_firmware *
buffalo wsr3600be4-kh_firmware *
buffalo wrm-d2133hs_firmware *
buffalo wzr-1166dhp2_firmware *
buffalo waps-ax4_firmware *
buffalo wapm-ax4r_firmware *
buffalo vr-u500x_firmware *
buffalo fs-s1266_firmware *
buffalo wapm-1266r_firmware *
buffalo wrm-d2133hp_firmware *
buffalo wapm-2133tr_firmware *
buffalo wzr-1750dhp_firmware *
buffalo wapm-axetr_firmware *
buffalo fs-m1266_firmware *
buffalo vr-u300w_firmware *
buffalo wem-1266_firmware *
buffalo wxr-6000ax12p_firmware *
CVE-2026-33366

Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.

Products Affected

Vendor Product Version
buffalo wzr-1750dhp2_firmware *
buffalo wem-1266wp_firmware *
buffalo wxr-1750dhp_firmware *
buffalo wzr-600dhp_firmware -
buffalo wzr-600dhp2_firmware -
buffalo wcr-1166dhpl_firmware *
buffalo wxr-5950ax12_firmware *
buffalo wapm-1266wdpra_firmware *
buffalo wzr-900dhp2_firmware -
buffalo wxr-1900dhp3_firmware *
buffalo wxr-1750dhp2_firmware *
buffalo wapm-1750d_firmware *
buffalo wxr-6000ax12s_firmware *
buffalo wapm-ax8r_firmware *
buffalo wsr3600be4p_firmware *
buffalo wapm-1266wdpr_firmware *
buffalo wzr-900dhp_firmware -
buffalo wxr18000be10p_firmware *
buffalo wtr-m2133hs_firmware *
buffalo wzr-s900dhp_firmware -
buffalo wzr-1166dhp_firmware *
buffalo waps-1266_firmware *
buffalo wxr-1900dhp_firmware *
buffalo wxr-6000ax12b_firmware *
buffalo wxr-1900dhp2_firmware *
buffalo wapm-2133r_firmware *
buffalo wzr-600dhp3_firmware -
buffalo wzr-s600dhp_firmware -
buffalo wtr-m2133hp_firmware *
buffalo wzr-s1750dhp_firmware *
buffalo wsr3600be4-kh_firmware *
buffalo wrm-d2133hs_firmware *
buffalo wzr-1166dhp2_firmware *
buffalo waps-ax4_firmware *
buffalo wapm-ax4r_firmware *
buffalo vr-u500x_firmware *
buffalo fs-s1266_firmware *
buffalo wapm-1266r_firmware *
buffalo wrm-d2133hp_firmware *
buffalo wapm-2133tr_firmware *
buffalo wzr-1750dhp_firmware *
buffalo wapm-axetr_firmware *
buffalo fs-m1266_firmware *
buffalo vr-u300w_firmware *
buffalo wem-1266_firmware *
buffalo wxr-6000ax12p_firmware *