Description
OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.
Published: 2026-03-27
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

An OS command injection flaw allows an attacker to execute arbitrary commands on Buffalo Wi‑Fi router firmware, leading to complete compromise of the device. The vulnerability could be used to exfiltrate sensitive data, alter network traffic, or disrupt connectivity, thereby impacting confidentiality, integrity, and availability.

Affected Systems

The flaw affects a broad range of Buffalo Wi‑Fi router products, including models such as FS‑M1266, FS‑S1266, VR‑U300W, VR‑U500X, WAPM‑1266, WAPM‑1750, WRM‑D2133, WSR‑3600, WTR‑M2133, various WX‑R and WZR series. Affected firmware versions are unspecified, so any currently deployed firmware of these devices may be vulnerable.

Risk and Exploitability

The CVSS score of 8.6 indicates high severity, while the EPSS score of less than 1% suggests a relatively low probability of exploitation in the wild. The flaw is not listed in the CISA KEV catalog, and no public exploit has been reported. The likely attack vector is inferred to be remote network access via the device’s web or configuration interface, which could expose the command injection payload to unauthenticated or authenticated users with sufficient privileges.

Generated by OpenCVE AI on April 1, 2026 at 03:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check Buffalo support for a firmware update that addresses the command‑injection vulnerability and upgrade the device firmware as soon as possible.
  • If no update is immediately available, disable remote configuration or web interface access from untrusted networks.
  • Restrict administrative access to the router using strong passwords, and enable two‑factor authentication if supported.
  • Monitor the router’s logs for suspicious command execution or unauthorized access attempts, and isolate the device from critical network segments until a fix is applied.

Generated by OpenCVE AI on April 1, 2026 at 03:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Title OS Command Injection in Buffalo Wi‑Fi Router Firmware

Tue, 31 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Buffalo fs-m1266
Buffalo fs-m1266 Firmware
Buffalo fs-s1266
Buffalo fs-s1266 Firmware
Buffalo vr-u300w
Buffalo vr-u300w Firmware
Buffalo vr-u500x
Buffalo vr-u500x Firmware
Buffalo wapm-1266r
Buffalo wapm-1266r Firmware
Buffalo wapm-1266wdpr
Buffalo wapm-1266wdpr Firmware
Buffalo wapm-1266wdpra
Buffalo wapm-1266wdpra Firmware
Buffalo wapm-1750d
Buffalo wapm-1750d Firmware
Buffalo wapm-2133r
Buffalo wapm-2133r Firmware
Buffalo wapm-2133tr
Buffalo wapm-2133tr Firmware
Buffalo wapm-ax4r
Buffalo wapm-ax4r Firmware
Buffalo wapm-ax8r
Buffalo wapm-ax8r Firmware
Buffalo wapm-axetr
Buffalo wapm-axetr Firmware
Buffalo waps-1266
Buffalo waps-1266 Firmware
Buffalo waps-ax4
Buffalo waps-ax4 Firmware
Buffalo wcr-1166dhpl
Buffalo wcr-1166dhpl Firmware
Buffalo wem-1266
Buffalo wem-1266 Firmware
Buffalo wem-1266wp
Buffalo wem-1266wp Firmware
Buffalo wrm-d2133hp
Buffalo wrm-d2133hp Firmware
Buffalo wrm-d2133hs
Buffalo wrm-d2133hs Firmware
Buffalo wsr3600be4-kh
Buffalo wsr3600be4-kh Firmware
Buffalo wsr3600be4p
Buffalo wsr3600be4p Firmware
Buffalo wtr-m2133hp
Buffalo wtr-m2133hp Firmware
Buffalo wtr-m2133hs
Buffalo wtr-m2133hs Firmware
Buffalo wxr-1750dhp
Buffalo wxr-1750dhp2
Buffalo wxr-1750dhp2 Firmware
Buffalo wxr-1750dhp Firmware
Buffalo wxr-1900dhp
Buffalo wxr-1900dhp2
Buffalo wxr-1900dhp2 Firmware
Buffalo wxr-1900dhp3
Buffalo wxr-1900dhp3 Firmware
Buffalo wxr-1900dhp Firmware
Buffalo wxr-5950ax12
Buffalo wxr-5950ax12 Firmware
Buffalo wxr-6000ax12b
Buffalo wxr-6000ax12b Firmware
Buffalo wxr-6000ax12p
Buffalo wxr-6000ax12p Firmware
Buffalo wxr-6000ax12s
Buffalo wxr-6000ax12s Firmware
Buffalo wxr18000be10p
Buffalo wxr18000be10p Firmware
Buffalo wzr-1166dhp
Buffalo wzr-1166dhp2
Buffalo wzr-1166dhp2 Firmware
Buffalo wzr-1166dhp Firmware
Buffalo wzr-1750dhp
Buffalo wzr-1750dhp2
Buffalo wzr-1750dhp2 Firmware
Buffalo wzr-1750dhp Firmware
Buffalo wzr-600dhp
Buffalo wzr-600dhp2
Buffalo wzr-600dhp2 Firmware
Buffalo wzr-600dhp3
Buffalo wzr-600dhp3 Firmware
Buffalo wzr-600dhp Firmware
Buffalo wzr-900dhp
Buffalo wzr-900dhp2
Buffalo wzr-900dhp2 Firmware
Buffalo wzr-900dhp Firmware
Buffalo wzr-s1750dhp
Buffalo wzr-s1750dhp Firmware
Buffalo wzr-s600dhp
Buffalo wzr-s600dhp Firmware
Buffalo wzr-s900dhp
Buffalo wzr-s900dhp Firmware
CPEs cpe:2.3:h:buffalo:fs-m1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-s1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:vr-u300w:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:vr-u500x:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266wdpr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266wdpra:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1750d:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-2133r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-2133tr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-ax4r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-ax8r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-axetr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:waps-1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:waps-ax4:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wcr-1166dhpl:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wem-1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wem-1266wp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wrm-d2133hp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wrm-d2133hs:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wsr3600be4-kh:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wsr3600be4p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wtr-m2133hp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wtr-m2133hs:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1750dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp3:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-5950ax12:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12b:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12s:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr18000be10p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1166dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1166dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:fs-m1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:fs-s1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:vr-u300w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:vr-u500x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266wdpr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266wdpra_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1750d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-2133r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-2133tr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-ax4r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-ax8r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-axetr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:waps-1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:waps-ax4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wcr-1166dhpl_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wem-1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wem-1266wp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wrm-d2133hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wrm-d2133hs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wsr3600be4-kh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wsr3600be4p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wtr-m2133hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wtr-m2133hs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1750dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-5950ax12_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr18000be10p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1166dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1166dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-900dhp2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-900dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s600dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s900dhp_firmware:-:*:*:*:*:*:*:*
Vendors & Products Buffalo fs-m1266
Buffalo fs-m1266 Firmware
Buffalo fs-s1266
Buffalo fs-s1266 Firmware
Buffalo vr-u300w
Buffalo vr-u300w Firmware
Buffalo vr-u500x
Buffalo vr-u500x Firmware
Buffalo wapm-1266r
Buffalo wapm-1266r Firmware
Buffalo wapm-1266wdpr
Buffalo wapm-1266wdpr Firmware
Buffalo wapm-1266wdpra
Buffalo wapm-1266wdpra Firmware
Buffalo wapm-1750d
Buffalo wapm-1750d Firmware
Buffalo wapm-2133r
Buffalo wapm-2133r Firmware
Buffalo wapm-2133tr
Buffalo wapm-2133tr Firmware
Buffalo wapm-ax4r
Buffalo wapm-ax4r Firmware
Buffalo wapm-ax8r
Buffalo wapm-ax8r Firmware
Buffalo wapm-axetr
Buffalo wapm-axetr Firmware
Buffalo waps-1266
Buffalo waps-1266 Firmware
Buffalo waps-ax4
Buffalo waps-ax4 Firmware
Buffalo wcr-1166dhpl
Buffalo wcr-1166dhpl Firmware
Buffalo wem-1266
Buffalo wem-1266 Firmware
Buffalo wem-1266wp
Buffalo wem-1266wp Firmware
Buffalo wrm-d2133hp
Buffalo wrm-d2133hp Firmware
Buffalo wrm-d2133hs
Buffalo wrm-d2133hs Firmware
Buffalo wsr3600be4-kh
Buffalo wsr3600be4-kh Firmware
Buffalo wsr3600be4p
Buffalo wsr3600be4p Firmware
Buffalo wtr-m2133hp
Buffalo wtr-m2133hp Firmware
Buffalo wtr-m2133hs
Buffalo wtr-m2133hs Firmware
Buffalo wxr-1750dhp
Buffalo wxr-1750dhp2
Buffalo wxr-1750dhp2 Firmware
Buffalo wxr-1750dhp Firmware
Buffalo wxr-1900dhp
Buffalo wxr-1900dhp2
Buffalo wxr-1900dhp2 Firmware
Buffalo wxr-1900dhp3
Buffalo wxr-1900dhp3 Firmware
Buffalo wxr-1900dhp Firmware
Buffalo wxr-5950ax12
Buffalo wxr-5950ax12 Firmware
Buffalo wxr-6000ax12b
Buffalo wxr-6000ax12b Firmware
Buffalo wxr-6000ax12p
Buffalo wxr-6000ax12p Firmware
Buffalo wxr-6000ax12s
Buffalo wxr-6000ax12s Firmware
Buffalo wxr18000be10p
Buffalo wxr18000be10p Firmware
Buffalo wzr-1166dhp
Buffalo wzr-1166dhp2
Buffalo wzr-1166dhp2 Firmware
Buffalo wzr-1166dhp Firmware
Buffalo wzr-1750dhp
Buffalo wzr-1750dhp2
Buffalo wzr-1750dhp2 Firmware
Buffalo wzr-1750dhp Firmware
Buffalo wzr-600dhp
Buffalo wzr-600dhp2
Buffalo wzr-600dhp2 Firmware
Buffalo wzr-600dhp3
Buffalo wzr-600dhp3 Firmware
Buffalo wzr-600dhp Firmware
Buffalo wzr-900dhp
Buffalo wzr-900dhp2
Buffalo wzr-900dhp2 Firmware
Buffalo wzr-900dhp Firmware
Buffalo wzr-s1750dhp
Buffalo wzr-s1750dhp Firmware
Buffalo wzr-s600dhp
Buffalo wzr-s600dhp Firmware
Buffalo wzr-s900dhp
Buffalo wzr-s900dhp Firmware
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Mon, 30 Mar 2026 07:15:00 +0000

Type Values Removed Values Added
First Time appeared Buffalo
Buffalo wi-fi Router Products
Vendors & Products Buffalo
Buffalo wi-fi Router Products

Fri, 27 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 27 Mar 2026 06:00:00 +0000

Type Values Removed Values Added
Description OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.
Weaknesses CWE-78
References
Metrics cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Buffalo Fs-m1266 Fs-m1266 Firmware Fs-s1266 Fs-s1266 Firmware Vr-u300w Vr-u300w Firmware Vr-u500x Vr-u500x Firmware Wapm-1266r Wapm-1266r Firmware Wapm-1266wdpr Wapm-1266wdpr Firmware Wapm-1266wdpra Wapm-1266wdpra Firmware Wapm-1750d Wapm-1750d Firmware Wapm-2133r Wapm-2133r Firmware Wapm-2133tr Wapm-2133tr Firmware Wapm-ax4r Wapm-ax4r Firmware Wapm-ax8r Wapm-ax8r Firmware Wapm-axetr Wapm-axetr Firmware Waps-1266 Waps-1266 Firmware Waps-ax4 Waps-ax4 Firmware Wcr-1166dhpl Wcr-1166dhpl Firmware Wem-1266 Wem-1266 Firmware Wem-1266wp Wem-1266wp Firmware Wi-fi Router Products Wrm-d2133hp Wrm-d2133hp Firmware Wrm-d2133hs Wrm-d2133hs Firmware Wsr3600be4-kh Wsr3600be4-kh Firmware Wsr3600be4p Wsr3600be4p Firmware Wtr-m2133hp Wtr-m2133hp Firmware Wtr-m2133hs Wtr-m2133hs Firmware Wxr-1750dhp Wxr-1750dhp2 Wxr-1750dhp2 Firmware Wxr-1750dhp Firmware Wxr-1900dhp Wxr-1900dhp2 Wxr-1900dhp2 Firmware Wxr-1900dhp3 Wxr-1900dhp3 Firmware Wxr-1900dhp Firmware Wxr-5950ax12 Wxr-5950ax12 Firmware Wxr-6000ax12b Wxr-6000ax12b Firmware Wxr-6000ax12p Wxr-6000ax12p Firmware Wxr-6000ax12s Wxr-6000ax12s Firmware Wxr18000be10p Wxr18000be10p Firmware Wzr-1166dhp Wzr-1166dhp2 Wzr-1166dhp2 Firmware Wzr-1166dhp Firmware Wzr-1750dhp Wzr-1750dhp2 Wzr-1750dhp2 Firmware Wzr-1750dhp Firmware Wzr-600dhp Wzr-600dhp2 Wzr-600dhp2 Firmware Wzr-600dhp3 Wzr-600dhp3 Firmware Wzr-600dhp Firmware Wzr-900dhp Wzr-900dhp2 Wzr-900dhp2 Firmware Wzr-900dhp Firmware Wzr-s1750dhp Wzr-s1750dhp Firmware Wzr-s600dhp Wzr-s600dhp Firmware Wzr-s900dhp Wzr-s900dhp Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2026-03-27T19:58:51.644Z

Reserved: 2026-03-25T06:25:30.930Z

Link: CVE-2026-27650

cve-icon Vulnrichment

Updated: 2026-03-27T19:58:46.867Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-27T06:16:38.257

Modified: 2026-03-31T19:04:01.203

Link: CVE-2026-27650

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-02T07:55:45Z

Weaknesses