CVE-2022-40966 - Vulnerability Details

Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0017.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

BUFFALO INC.

Buffalo network devices

affected

Version	Status	Constraints
`A wide range of products is affected. For the specific products/versions information, see the URLs provided by the vendor and JVN which are listed in [Reference] section.`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:buffalo:wcr-300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wcr-300:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:buffalo:whr-hp-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-g300n:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:buffalo:whr-hp-gn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-gn:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:buffalo:wpl-05g300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wpl-05g300:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:buffalo:wrm-d2133hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wrm-d2133hp:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:buffalo:wrm-d2133hs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wrm-d2133hs:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:buffalo:wtr-m2133hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wtr-m2133hp:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:buffalo:wtr-m2133hs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wtr-m2133hs:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:buffalo:wxr-1900dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wxr-1900dhp:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:buffalo:wxr-1900dhp3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wxr-1900dhp3:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:buffalo:wxr-5950ax12_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wxr-5950ax12:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:buffalo:wxr-6000ax12b_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wxr-6000ax12b:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:buffalo:wxr-6000ax12s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wxr-6000ax12s:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:buffalo:wzr-300hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-300hp:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:buffalo:wzr-450hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-450hp:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:buffalo:wzr-600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:buffalo:wzr-900dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-ag300h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-ag300h:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g302h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g302h:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:buffalo:wem-1266_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wem-1266:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:buffalo:wem-1266wp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wem-1266wp:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:buffalo:wlae-ag300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wlae-ag300n:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:buffalo:fs-600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-600dhp:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:buffalo:fs-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-g300n:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:buffalo:fs-hp-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-hp-g300n:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:buffalo:fs-r600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:fs-r600dhp:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:buffalo:bhr-4grv_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:bhr-4grv:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:buffalo:dwr-hp-g300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:dwr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:buffalo:dwr-pg_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:dwr-pg:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:buffalo:hw-450hp-zwe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:hw-450hp-zwe:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:buffalo:wer-a54g54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wer-a54g54:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:buffalo:wer-ag54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wer-ag54:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:buffalo:wer-am54g54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wer-am54g54:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:buffalo:wer-amg54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wer-amg54:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:buffalo:whr-300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-300:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:buffalo:whr-300hp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-300hp:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:buffalo:whr-am54g54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-am54g54:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:buffalo:whr-amg54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-amg54:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:buffalo:whr-ampg_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-ampg:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:buffalo:whr-g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:buffalo:whr-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g300n:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:buffalo:whr-g301n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g301n:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:buffalo:whr-g54s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g54s:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:buffalo:whr-g54s-ni_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-g54s-ni:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:buffalo:whr-hp-ampg_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-ampg:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:buffalo:whr-hp-g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-g:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:buffalo:whr-hp-g54_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:whr-hp-g54:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:buffalo:wli-h4-d600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wli-h4-d600:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:buffalo:ws024bf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:ws024bf:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:buffalo:ws024bf-nw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:ws024bf-nw:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:buffalo:wxr-1750dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wxr-1750dhp:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:buffalo:wxr-1750dhp2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wxr-1750dhp2:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:buffalo:wzr-1166dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-1166dhp:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:buffalo:wzr-1166dhp2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-1166dhp2:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:buffalo:wzr-1750dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-1750dhp:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:buffalo:wzr2-g300n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr2-g300n:-:*:*:*:*:*:*:*

Configuration 59 [-]

AND

cpe:2.3:o:buffalo:wzr-450hp-cwt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-450hp-cwt:-:*:*:*:*:*:*:*

Configuration 60 [-]

AND

cpe:2.3:o:buffalo:wzr-450hp-ub_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-450hp-ub:-:*:*:*:*:*:*:*

Configuration 61 [-]

AND

cpe:2.3:o:buffalo:wzr-600dhp2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*

Configuration 62 [-]

AND

cpe:2.3:o:buffalo:wzr-600dhp3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*

Configuration 63 [-]

AND

cpe:2.3:o:buffalo:wzr-900dhp2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*

Configuration 64 [-]

AND

cpe:2.3:o:buffalo:wzr-agl300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-agl300nh:-:*:*:*:*:*:*:*

Configuration 65 [-]

AND

cpe:2.3:o:buffalo:wzr-ampg144nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-ampg144nh:-:*:*:*:*:*:*:*

Configuration 66 [-]

AND

cpe:2.3:o:buffalo:wzr-ampg300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-ampg300nh:-:*:*:*:*:*:*:*

Configuration 67 [-]

AND

cpe:2.3:o:buffalo:wzr-d1100h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-d1100h:-:*:*:*:*:*:*:*

Configuration 68 [-]

AND

cpe:2.3:o:buffalo:wzr-g144n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-g144n:-:*:*:*:*:*:*:*

Configuration 69 [-]

AND

cpe:2.3:o:buffalo:wzr-g144nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-g144nh:-:*:*:*:*:*:*:*

Configuration 70 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g300nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g300nh:-:*:*:*:*:*:*:*

Configuration 71 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g301nh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g301nh:-:*:*:*:*:*:*:*

Configuration 72 [-]

AND

cpe:2.3:o:buffalo:wzr-hp-g450h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-hp-g450h:-:*:*:*:*:*:*:*

Configuration 73 [-]

AND

cpe:2.3:o:buffalo:wzr-s1750dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-s1750dhp:-:*:*:*:*:*:*:*

Configuration 74 [-]

AND

cpe:2.3:o:buffalo:wzr-s600dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*

Configuration 75 [-]

AND

cpe:2.3:o:buffalo:wzr-s900dhp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Buffalo Subscribe	Bhr-4grv Subscribe Bhr-4grv Firmware Subscribe Dwr-hp-g300nh Subscribe Dwr-hp-g300nh Firmware Subscribe Dwr-pg Subscribe Dwr-pg Firmware Subscribe Fs-600dhp Subscribe Fs-600dhp Firmware Subscribe Fs-g300n Subscribe Fs-g300n Firmware Subscribe Fs-hp-g300n Subscribe Fs-hp-g300n Firmware Subscribe Fs-r600dhp Subscribe Fs-r600dhp Firmware Subscribe Hw-450hp-zwe Subscribe Hw-450hp-zwe Firmware Subscribe Wcr-300 Subscribe Wcr-300 Firmware Subscribe Wem-1266 Subscribe Wem-1266 Firmware Subscribe Wem-1266wp Subscribe Wem-1266wp Firmware Subscribe Wer-a54g54 Subscribe Wer-a54g54 Firmware Subscribe Wer-ag54 Subscribe Wer-ag54 Firmware Subscribe Wer-am54g54 Subscribe Wer-am54g54 Firmware Subscribe Wer-amg54 Subscribe Wer-amg54 Firmware Subscribe Whr-300 Subscribe Whr-300 Firmware Subscribe Whr-300hp Subscribe Whr-300hp Firmware Subscribe Whr-am54g54 Subscribe Whr-am54g54 Firmware Subscribe Whr-amg54 Subscribe Whr-amg54 Firmware Subscribe Whr-ampg Subscribe Whr-ampg Firmware Subscribe Whr-g Subscribe Whr-g300n Subscribe Whr-g300n Firmware Subscribe Whr-g301n Subscribe Whr-g301n Firmware Subscribe Whr-g54s Subscribe Whr-g54s-ni Subscribe Whr-g54s-ni Firmware Subscribe Whr-g54s Firmware Subscribe Whr-g Firmware Subscribe Whr-hp-ampg Subscribe Whr-hp-ampg Firmware Subscribe Whr-hp-g Subscribe Whr-hp-g300n Subscribe Whr-hp-g300n Firmware Subscribe Whr-hp-g54 Subscribe Whr-hp-g54 Firmware Subscribe Whr-hp-g Firmware Subscribe Whr-hp-gn Subscribe Whr-hp-gn Firmware Subscribe Wlae-ag300n Subscribe Wlae-ag300n Firmware Subscribe Wli-h4-d600 Subscribe Wli-h4-d600 Firmware Subscribe Wpl-05g300 Subscribe Wpl-05g300 Firmware Subscribe Wrm-d2133hp Subscribe Wrm-d2133hp Firmware Subscribe Wrm-d2133hs Subscribe Wrm-d2133hs Firmware Subscribe Ws024bf Subscribe Ws024bf-nw Subscribe Ws024bf-nw Firmware Subscribe Ws024bf Firmware Subscribe Wtr-m2133hp Subscribe Wtr-m2133hp Firmware Subscribe Wtr-m2133hs Subscribe Wtr-m2133hs Firmware Subscribe Wxr-1750dhp Subscribe Wxr-1750dhp2 Subscribe Wxr-1750dhp2 Firmware Subscribe Wxr-1750dhp Firmware Subscribe Wxr-1900dhp Subscribe Wxr-1900dhp2 Subscribe Wxr-1900dhp2 Firmware Subscribe Wxr-1900dhp3 Subscribe Wxr-1900dhp3 Firmware Subscribe Wxr-1900dhp Firmware Subscribe Wxr-5950ax12 Subscribe Wxr-5950ax12 Firmware Subscribe Wxr-6000ax12b Subscribe Wxr-6000ax12b Firmware Subscribe Wxr-6000ax12s Subscribe Wxr-6000ax12s Firmware Subscribe Wzr-1166dhp Subscribe Wzr-1166dhp2 Subscribe Wzr-1166dhp2 Firmware Subscribe Wzr-1166dhp Firmware Subscribe Wzr-1750dhp Subscribe Wzr-1750dhp2 Subscribe Wzr-1750dhp2 Firmware Subscribe Wzr-1750dhp Firmware Subscribe Wzr-300hp Subscribe Wzr-300hp Firmware Subscribe Wzr-450hp Subscribe Wzr-450hp-cwt Subscribe Wzr-450hp-cwt Firmware Subscribe Wzr-450hp-ub Subscribe Wzr-450hp-ub Firmware Subscribe Wzr-450hp Firmware Subscribe Wzr-600dhp Subscribe Wzr-600dhp2 Subscribe Wzr-600dhp2 Firmware Subscribe Wzr-600dhp3 Subscribe Wzr-600dhp3 Firmware Subscribe Wzr-600dhp Firmware Subscribe Wzr-900dhp Subscribe Wzr-900dhp2 Subscribe Wzr-900dhp2 Firmware Subscribe Wzr-900dhp Firmware Subscribe Wzr-agl300nh Subscribe Wzr-agl300nh Firmware Subscribe Wzr-ampg144nh Subscribe Wzr-ampg144nh Firmware Subscribe Wzr-ampg300nh Subscribe Wzr-ampg300nh Firmware Subscribe Wzr-d1100h Subscribe Wzr-d1100h Firmware Subscribe Wzr-g144n Subscribe Wzr-g144n Firmware Subscribe Wzr-g144nh Subscribe Wzr-g144nh Firmware Subscribe Wzr-hp-ag300h Subscribe Wzr-hp-ag300h Firmware Subscribe Wzr-hp-g300nh Subscribe Wzr-hp-g300nh Firmware Subscribe Wzr-hp-g301nh Subscribe Wzr-hp-g301nh Firmware Subscribe Wzr-hp-g302h Subscribe Wzr-hp-g302h Firmware Subscribe Wzr-hp-g450h Subscribe Wzr-hp-g450h Firmware Subscribe Wzr-s1750dhp Subscribe Wzr-s1750dhp Firmware Subscribe Wzr-s600dhp Subscribe Wzr-s600dhp Firmware Subscribe Wzr-s900dhp Subscribe Wzr-s900dhp Firmware Subscribe Wzr2-g300n Subscribe Wzr2-g300n Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2022-44212	Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU92805279/index.html
https://www.buffalo.jp/news/detail/20221003-01.html

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2022-12-07T00:00:00.000Z

Updated: 2025-04-23T16:06:14.667Z

Reserved: 2022-09-27T00:00:00.000Z

Link: CVE-2022-40966

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-12-07T10:15:11.073

Modified: 2025-04-23T16:15:25.130

Link: CVE-2022-40966

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-287

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object