Description
A vulnerability exists in the Buffalo Link Station version 1.85-0.01 that allows unauthenticated or guest-level users to enumerate valid usernames and their associated privilege roles. The issue is triggered by modifying a parameter within requests sent to the /nasapi endpoint.
Published: 2026-04-20
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: Information Disclosure
Action: Apply Patch
AI Analysis

Impact

A vulnerability exists in the Buffalo Link Station version 1.85-0.01 that allows unauthenticated or guest-level users to enumerate valid usernames and their associated privilege roles by modifying a parameter within requests to the /nasapi endpoint. This permits an attacker to discover account identifiers and the levels of access granted to each, an information disclosure that could aid in social engineering, credential guessing, or the planning of more targeted attacks. The weakness is a classic information exposure defect, analogous to CWE-200.

Affected Systems

The affected product is the Buffalo Link Station running firmware 1.85-0.01. No other vendors or versions are listed, and the vulnerability is identified only for this specific firmware release.

Risk and Exploitability

The lack of authentication requirements for the vulnerable API means any network participant with access to the device can trigger the enumeration. Although no public exploit or CVSS score is currently available and the vulnerability is not listed in the CISA KEV catalog, the potential for attackers to gather privilege information remains significant. Attackers could use the listed usernames and role information in subsequent attacks, such as phishing or privileged account credential reuse. The exploitability is low to moderate from a technical standpoint, but the impact of the disclosed information is high enough to warrant mitigation.

Generated by OpenCVE AI on April 20, 2026 at 17:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Buffalo firmware update that fixes the /nasapi enumeration issue.
  • Limit network access to the /nasapi endpoint to trusted hosts or authenticated users only, implemented via firewall rules or ACLs.
  • Disable or remove guest accounts on the device if they are not required.
  • Monitor device logs for repeated enumeration attempts and investigate suspicious activity.

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 17:45:00 +0000

Type        Values Removed   Values Added
Title       -                Buffalo Link Station 1.85-0.01 allows enumeration of usernames and privilege roles via /nasapi
Weaknesses  -                CWE-200

Mon, 20 Apr 2026 17:15:00 +0000

Type        Values Removed   Values Added
Weaknesses  -                CWE-639
Metrics     -                cvssV3_1: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}
                             ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 20 Apr 2026 16:45:00 +0000

Type         Values Removed   Values Added
Description  -                A vulnerability exists in the Buffalo Link Station version 1.85-0.01 that allows unauthenticated or guest-level users to enumerate valid usernames and their associated privilege roles. The issue is triggered by modifying a parameter within requests sent to the /nasapi endpoint.
References   -

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-20T16:54:28.824Z

Reserved: 2025-12-08T00:00:00.000Z

Link: CVE-2025-66954

Vulnrichment

Updated: 2026-04-20T16:53:35.469Z

NVD

Status: Awaiting Analysis

Published: 2026-04-20T17:16:29.837

Modified: 2026-04-20T19:05:30.750

Link: CVE-2025-66954

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T17:30:12Z

Weaknesses