Description
Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.
Published: 2026-03-27
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized configuration changes without authentication
Action: Patch firmware
AI Analysis

Impact

An authentication bypass flaw in the web‑based administration interface of Buffalo Wi‑Fi routers allows an attacker to make configuration changes without any credentials. The flaw is a failure in verifying authentication before accepting configuration commands, enabling manipulation of network settings, opening services, or redirecting traffic. The weakness is classified as CWE‑288, imposing a high risk to confidentiality, integrity, and availability of the network served by the device.

Affected Systems

The vulnerability affects a broad set of Buffalo Inc. Wi‑Fi router products. Models include FS‑M1266, FS‑S1266, VR‑U300W, VR‑U500X, WAPM‑1266, WAPM‑1266WDPR, WAPM‑2133, WAPM‑AX4, WAPM‑AX8, WAPM‑AXEtr, WAPS‑1266, WAPS‑AX4, WCR‑1166DHPL, WEM‑1266, WRM‑D2133, WSR‑3600, WTR‑M2133, WXR‑1750, WXR‑1900, WXRT‑6000, WXRT‑18000, WZR‑1166, WZR‑1750, WZR‑600, WZR‑900 and several related variants as enumerated in the supplied CPE list.

Risk and Exploitability

The CVSS base score of 8.7 indicates a high severity vulnerability. EPSS shows exploitation probability is currently below 1 %, and the flaw is not listed in CISA’s KEV catalog. Inferred attack vector is the router’s remote management interface, requiring only access to the device’s IP or hostname; the attacker does not need authentication, making exploitation straightforward once the device is reachable. Although the threat score is high, actual exploitation depends on network exposure of the router.

Generated by OpenCVE AI on April 1, 2026 at 03:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update that includes the authentication bypass fix.
  • Disable or tightly restrict remote web‑management access on the router.
  • Configure strong, unique administrative passwords in place of defaults.
  • If available, enable HTTPS for the router administration interface to limit exposure to unencrypted traffic.
  • Regularly review configuration logs for unexpected changes and audit the device’s operational state.

Generated by OpenCVE AI on April 1, 2026 at 03:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Title Authentication Bypass in Buffalo Wi‑Fi Routers Allowing Unauthorized Configuration Changes

Tue, 31 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Buffalo fs-m1266
Buffalo fs-m1266 Firmware
Buffalo fs-s1266
Buffalo fs-s1266 Firmware
Buffalo vr-u300w
Buffalo vr-u300w Firmware
Buffalo vr-u500x
Buffalo vr-u500x Firmware
Buffalo wapm-1266r
Buffalo wapm-1266r Firmware
Buffalo wapm-1266wdpr
Buffalo wapm-1266wdpr Firmware
Buffalo wapm-1266wdpra
Buffalo wapm-1266wdpra Firmware
Buffalo wapm-1750d
Buffalo wapm-1750d Firmware
Buffalo wapm-2133r
Buffalo wapm-2133r Firmware
Buffalo wapm-2133tr
Buffalo wapm-2133tr Firmware
Buffalo wapm-ax4r
Buffalo wapm-ax4r Firmware
Buffalo wapm-ax8r
Buffalo wapm-ax8r Firmware
Buffalo wapm-axetr
Buffalo wapm-axetr Firmware
Buffalo waps-1266
Buffalo waps-1266 Firmware
Buffalo waps-ax4
Buffalo waps-ax4 Firmware
Buffalo wcr-1166dhpl
Buffalo wcr-1166dhpl Firmware
Buffalo wem-1266
Buffalo wem-1266 Firmware
Buffalo wem-1266wp
Buffalo wem-1266wp Firmware
Buffalo wrm-d2133hp
Buffalo wrm-d2133hp Firmware
Buffalo wrm-d2133hs
Buffalo wrm-d2133hs Firmware
Buffalo wsr3600be4-kh
Buffalo wsr3600be4-kh Firmware
Buffalo wsr3600be4p
Buffalo wsr3600be4p Firmware
Buffalo wtr-m2133hp
Buffalo wtr-m2133hp Firmware
Buffalo wtr-m2133hs
Buffalo wtr-m2133hs Firmware
Buffalo wxr-1750dhp
Buffalo wxr-1750dhp2
Buffalo wxr-1750dhp2 Firmware
Buffalo wxr-1750dhp Firmware
Buffalo wxr-1900dhp
Buffalo wxr-1900dhp2
Buffalo wxr-1900dhp2 Firmware
Buffalo wxr-1900dhp3
Buffalo wxr-1900dhp3 Firmware
Buffalo wxr-1900dhp Firmware
Buffalo wxr-5950ax12
Buffalo wxr-5950ax12 Firmware
Buffalo wxr-6000ax12b
Buffalo wxr-6000ax12b Firmware
Buffalo wxr-6000ax12p
Buffalo wxr-6000ax12p Firmware
Buffalo wxr-6000ax12s
Buffalo wxr-6000ax12s Firmware
Buffalo wxr18000be10p
Buffalo wxr18000be10p Firmware
Buffalo wzr-1166dhp
Buffalo wzr-1166dhp2
Buffalo wzr-1166dhp2 Firmware
Buffalo wzr-1166dhp Firmware
Buffalo wzr-1750dhp
Buffalo wzr-1750dhp2
Buffalo wzr-1750dhp2 Firmware
Buffalo wzr-1750dhp Firmware
Buffalo wzr-600dhp
Buffalo wzr-600dhp2
Buffalo wzr-600dhp2 Firmware
Buffalo wzr-600dhp3
Buffalo wzr-600dhp3 Firmware
Buffalo wzr-600dhp Firmware
Buffalo wzr-900dhp
Buffalo wzr-900dhp2
Buffalo wzr-900dhp2 Firmware
Buffalo wzr-900dhp Firmware
Buffalo wzr-s1750dhp
Buffalo wzr-s1750dhp Firmware
Buffalo wzr-s600dhp
Buffalo wzr-s600dhp Firmware
Buffalo wzr-s900dhp
Buffalo wzr-s900dhp Firmware
CPEs cpe:2.3:h:buffalo:fs-m1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-s1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:vr-u300w:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:vr-u500x:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266wdpr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266wdpra:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1750d:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-2133r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-2133tr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-ax4r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-ax8r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-axetr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:waps-1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:waps-ax4:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wcr-1166dhpl:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wem-1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wem-1266wp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wrm-d2133hp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wrm-d2133hs:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wsr3600be4-kh:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wsr3600be4p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wtr-m2133hp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wtr-m2133hs:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1750dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp3:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-5950ax12:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12b:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12s:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr18000be10p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1166dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1166dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:fs-m1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:fs-s1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:vr-u300w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:vr-u500x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266wdpr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266wdpra_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1750d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-2133r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-2133tr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-ax4r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-ax8r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-axetr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:waps-1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:waps-ax4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wcr-1166dhpl_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wem-1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wem-1266wp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wrm-d2133hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wrm-d2133hs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wsr3600be4-kh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wsr3600be4p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wtr-m2133hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wtr-m2133hs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1750dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-5950ax12_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr18000be10p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1166dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1166dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-900dhp2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-900dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s600dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s900dhp_firmware:-:*:*:*:*:*:*:*
Vendors & Products Buffalo fs-m1266
Buffalo fs-m1266 Firmware
Buffalo fs-s1266
Buffalo fs-s1266 Firmware
Buffalo vr-u300w
Buffalo vr-u300w Firmware
Buffalo vr-u500x
Buffalo vr-u500x Firmware
Buffalo wapm-1266r
Buffalo wapm-1266r Firmware
Buffalo wapm-1266wdpr
Buffalo wapm-1266wdpr Firmware
Buffalo wapm-1266wdpra
Buffalo wapm-1266wdpra Firmware
Buffalo wapm-1750d
Buffalo wapm-1750d Firmware
Buffalo wapm-2133r
Buffalo wapm-2133r Firmware
Buffalo wapm-2133tr
Buffalo wapm-2133tr Firmware
Buffalo wapm-ax4r
Buffalo wapm-ax4r Firmware
Buffalo wapm-ax8r
Buffalo wapm-ax8r Firmware
Buffalo wapm-axetr
Buffalo wapm-axetr Firmware
Buffalo waps-1266
Buffalo waps-1266 Firmware
Buffalo waps-ax4
Buffalo waps-ax4 Firmware
Buffalo wcr-1166dhpl
Buffalo wcr-1166dhpl Firmware
Buffalo wem-1266
Buffalo wem-1266 Firmware
Buffalo wem-1266wp
Buffalo wem-1266wp Firmware
Buffalo wrm-d2133hp
Buffalo wrm-d2133hp Firmware
Buffalo wrm-d2133hs
Buffalo wrm-d2133hs Firmware
Buffalo wsr3600be4-kh
Buffalo wsr3600be4-kh Firmware
Buffalo wsr3600be4p
Buffalo wsr3600be4p Firmware
Buffalo wtr-m2133hp
Buffalo wtr-m2133hp Firmware
Buffalo wtr-m2133hs
Buffalo wtr-m2133hs Firmware
Buffalo wxr-1750dhp
Buffalo wxr-1750dhp2
Buffalo wxr-1750dhp2 Firmware
Buffalo wxr-1750dhp Firmware
Buffalo wxr-1900dhp
Buffalo wxr-1900dhp2
Buffalo wxr-1900dhp2 Firmware
Buffalo wxr-1900dhp3
Buffalo wxr-1900dhp3 Firmware
Buffalo wxr-1900dhp Firmware
Buffalo wxr-5950ax12
Buffalo wxr-5950ax12 Firmware
Buffalo wxr-6000ax12b
Buffalo wxr-6000ax12b Firmware
Buffalo wxr-6000ax12p
Buffalo wxr-6000ax12p Firmware
Buffalo wxr-6000ax12s
Buffalo wxr-6000ax12s Firmware
Buffalo wxr18000be10p
Buffalo wxr18000be10p Firmware
Buffalo wzr-1166dhp
Buffalo wzr-1166dhp2
Buffalo wzr-1166dhp2 Firmware
Buffalo wzr-1166dhp Firmware
Buffalo wzr-1750dhp
Buffalo wzr-1750dhp2
Buffalo wzr-1750dhp2 Firmware
Buffalo wzr-1750dhp Firmware
Buffalo wzr-600dhp
Buffalo wzr-600dhp2
Buffalo wzr-600dhp2 Firmware
Buffalo wzr-600dhp3
Buffalo wzr-600dhp3 Firmware
Buffalo wzr-600dhp Firmware
Buffalo wzr-900dhp
Buffalo wzr-900dhp2
Buffalo wzr-900dhp2 Firmware
Buffalo wzr-900dhp Firmware
Buffalo wzr-s1750dhp
Buffalo wzr-s1750dhp Firmware
Buffalo wzr-s600dhp
Buffalo wzr-s600dhp Firmware
Buffalo wzr-s900dhp
Buffalo wzr-s900dhp Firmware

Mon, 30 Mar 2026 07:15:00 +0000

Type Values Removed Values Added
First Time appeared Buffalo
Buffalo wi-fi Router Products
Vendors & Products Buffalo
Buffalo wi-fi Router Products

Fri, 27 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 27 Mar 2026 09:30:00 +0000

Type Values Removed Values Added
Title Authentication Bypass in Buffalo Wi‑Fi Routers Allowing Unauthorized Configuration Changes

Fri, 27 Mar 2026 06:00:00 +0000

Type Values Removed Values Added
Description Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.
Weaknesses CWE-288
References
Metrics cvssV3_0

{'score': 7.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Buffalo Fs-m1266 Fs-m1266 Firmware Fs-s1266 Fs-s1266 Firmware Vr-u300w Vr-u300w Firmware Vr-u500x Vr-u500x Firmware Wapm-1266r Wapm-1266r Firmware Wapm-1266wdpr Wapm-1266wdpr Firmware Wapm-1266wdpra Wapm-1266wdpra Firmware Wapm-1750d Wapm-1750d Firmware Wapm-2133r Wapm-2133r Firmware Wapm-2133tr Wapm-2133tr Firmware Wapm-ax4r Wapm-ax4r Firmware Wapm-ax8r Wapm-ax8r Firmware Wapm-axetr Wapm-axetr Firmware Waps-1266 Waps-1266 Firmware Waps-ax4 Waps-ax4 Firmware Wcr-1166dhpl Wcr-1166dhpl Firmware Wem-1266 Wem-1266 Firmware Wem-1266wp Wem-1266wp Firmware Wi-fi Router Products Wrm-d2133hp Wrm-d2133hp Firmware Wrm-d2133hs Wrm-d2133hs Firmware Wsr3600be4-kh Wsr3600be4-kh Firmware Wsr3600be4p Wsr3600be4p Firmware Wtr-m2133hp Wtr-m2133hp Firmware Wtr-m2133hs Wtr-m2133hs Firmware Wxr-1750dhp Wxr-1750dhp2 Wxr-1750dhp2 Firmware Wxr-1750dhp Firmware Wxr-1900dhp Wxr-1900dhp2 Wxr-1900dhp2 Firmware Wxr-1900dhp3 Wxr-1900dhp3 Firmware Wxr-1900dhp Firmware Wxr-5950ax12 Wxr-5950ax12 Firmware Wxr-6000ax12b Wxr-6000ax12b Firmware Wxr-6000ax12p Wxr-6000ax12p Firmware Wxr-6000ax12s Wxr-6000ax12s Firmware Wxr18000be10p Wxr18000be10p Firmware Wzr-1166dhp Wzr-1166dhp2 Wzr-1166dhp2 Firmware Wzr-1166dhp Firmware Wzr-1750dhp Wzr-1750dhp2 Wzr-1750dhp2 Firmware Wzr-1750dhp Firmware Wzr-600dhp Wzr-600dhp2 Wzr-600dhp2 Firmware Wzr-600dhp3 Wzr-600dhp3 Firmware Wzr-600dhp Firmware Wzr-900dhp Wzr-900dhp2 Wzr-900dhp2 Firmware Wzr-900dhp Firmware Wzr-s1750dhp Wzr-s1750dhp Firmware Wzr-s600dhp Wzr-s600dhp Firmware Wzr-s900dhp Wzr-s900dhp Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2026-03-27T19:53:19.116Z

Reserved: 2026-03-25T06:25:32.059Z

Link: CVE-2026-32678

cve-icon Vulnrichment

Updated: 2026-03-27T19:53:15.473Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-27T06:16:38.650

Modified: 2026-03-31T19:03:48.837

Link: CVE-2026-32678

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-02T07:55:43Z

Weaknesses