Description
Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.
Published: 2026-03-27
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Forced Reboot (Availability)
Action: Patch
AI Analysis

Impact

Missing authentication for a critical function allows an attacker to forcibly reboot a Buffalo Wi‑Fi router. The described vulnerability enables a reboot command to be issued without valid credentials, leading to a brief loss of connectivity for all users of the device. The impact is limited to availability; there is no evidence that confidentiality or integrity is compromised, and the vulnerability does not allow arbitrary code execution.

Affected Systems

The flaw affects a broad set of Buffalo router models, including the FS‑M1266, FS‑S1266, VR‑U300W, VR‑U500X, various WAPM, WAPS, WCR, WEM, WRM, WSR3600, WTR, WX‑R, and WZR series. All firmware versions that implement the exposed reboot function are vulnerable. Owners of any of these models should verify the firmware version and apply updates if available.

Risk and Exploitability

The CVSS score of 6.9 indicates medium severity. The EPSS score of less than 1 % suggests that exploitation is unlikely in the wild. Information on existing public exploits is unavailable, and the vulnerability is not listed in CISA’s KEV catalog. The anplied attack vector is inferred to be remote network access to the router’s administrative interface or an exposed management protocol, as the description indicates bypass of authentication. An attacker only needs network reachability to trigger the reboot, requiring no credentials. The resulting denial of service is short‑term, occurring when the unit restarts, but repeated forced reboots could degrade availability and degrade user experience.

Generated by OpenCVE AI on April 1, 2026 at 04:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update from Buffalo that resolves the authentication bypass for the reboot function.
  • If a patch is not yet available, disable remote access to the router’s administrative web interface or restrict it to trusted internal networks.
  • Monitor device logs for unexpected reboot events to detect potential exploitation attempts.

Generated by OpenCVE AI on April 1, 2026 at 04:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Title Forced Reboot via Authentication Bypass on Buffalo Wi‑Fi Routers

Tue, 31 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Buffalo fs-m1266
Buffalo fs-m1266 Firmware
Buffalo fs-s1266
Buffalo fs-s1266 Firmware
Buffalo vr-u300w
Buffalo vr-u300w Firmware
Buffalo vr-u500x
Buffalo vr-u500x Firmware
Buffalo wapm-1266r
Buffalo wapm-1266r Firmware
Buffalo wapm-1266wdpr
Buffalo wapm-1266wdpr Firmware
Buffalo wapm-1266wdpra
Buffalo wapm-1266wdpra Firmware
Buffalo wapm-1750d
Buffalo wapm-1750d Firmware
Buffalo wapm-2133r
Buffalo wapm-2133r Firmware
Buffalo wapm-2133tr
Buffalo wapm-2133tr Firmware
Buffalo wapm-ax4r
Buffalo wapm-ax4r Firmware
Buffalo wapm-ax8r
Buffalo wapm-ax8r Firmware
Buffalo wapm-axetr
Buffalo wapm-axetr Firmware
Buffalo waps-1266
Buffalo waps-1266 Firmware
Buffalo waps-ax4
Buffalo waps-ax4 Firmware
Buffalo wcr-1166dhpl
Buffalo wcr-1166dhpl Firmware
Buffalo wem-1266
Buffalo wem-1266 Firmware
Buffalo wem-1266wp
Buffalo wem-1266wp Firmware
Buffalo wrm-d2133hp
Buffalo wrm-d2133hp Firmware
Buffalo wrm-d2133hs
Buffalo wrm-d2133hs Firmware
Buffalo wsr3600be4-kh
Buffalo wsr3600be4-kh Firmware
Buffalo wsr3600be4p
Buffalo wsr3600be4p Firmware
Buffalo wtr-m2133hp
Buffalo wtr-m2133hp Firmware
Buffalo wtr-m2133hs
Buffalo wtr-m2133hs Firmware
Buffalo wxr-1750dhp
Buffalo wxr-1750dhp2
Buffalo wxr-1750dhp2 Firmware
Buffalo wxr-1750dhp Firmware
Buffalo wxr-1900dhp
Buffalo wxr-1900dhp2
Buffalo wxr-1900dhp2 Firmware
Buffalo wxr-1900dhp3
Buffalo wxr-1900dhp3 Firmware
Buffalo wxr-1900dhp Firmware
Buffalo wxr-5950ax12
Buffalo wxr-5950ax12 Firmware
Buffalo wxr-6000ax12b
Buffalo wxr-6000ax12b Firmware
Buffalo wxr-6000ax12p
Buffalo wxr-6000ax12p Firmware
Buffalo wxr-6000ax12s
Buffalo wxr-6000ax12s Firmware
Buffalo wxr18000be10p
Buffalo wxr18000be10p Firmware
Buffalo wzr-1166dhp
Buffalo wzr-1166dhp2
Buffalo wzr-1166dhp2 Firmware
Buffalo wzr-1166dhp Firmware
Buffalo wzr-1750dhp
Buffalo wzr-1750dhp2
Buffalo wzr-1750dhp2 Firmware
Buffalo wzr-1750dhp Firmware
Buffalo wzr-600dhp
Buffalo wzr-600dhp2
Buffalo wzr-600dhp2 Firmware
Buffalo wzr-600dhp3
Buffalo wzr-600dhp3 Firmware
Buffalo wzr-600dhp Firmware
Buffalo wzr-900dhp
Buffalo wzr-900dhp2
Buffalo wzr-900dhp2 Firmware
Buffalo wzr-900dhp Firmware
Buffalo wzr-s1750dhp
Buffalo wzr-s1750dhp Firmware
Buffalo wzr-s600dhp
Buffalo wzr-s600dhp Firmware
Buffalo wzr-s900dhp
Buffalo wzr-s900dhp Firmware
CPEs cpe:2.3:h:buffalo:fs-m1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-s1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:vr-u300w:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:vr-u500x:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266wdpr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266wdpra:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1750d:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-2133r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-2133tr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-ax4r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-ax8r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-axetr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:waps-1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:waps-ax4:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wcr-1166dhpl:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wem-1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wem-1266wp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wrm-d2133hp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wrm-d2133hs:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wsr3600be4-kh:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wsr3600be4p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wtr-m2133hp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wtr-m2133hs:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1750dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp3:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-5950ax12:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12b:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12s:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr18000be10p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1166dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1166dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:fs-m1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:fs-s1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:vr-u300w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:vr-u500x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266wdpr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266wdpra_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1750d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-2133r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-2133tr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-ax4r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-ax8r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-axetr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:waps-1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:waps-ax4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wcr-1166dhpl_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wem-1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wem-1266wp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wrm-d2133hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wrm-d2133hs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wsr3600be4-kh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wsr3600be4p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wtr-m2133hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wtr-m2133hs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1750dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-5950ax12_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr18000be10p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1166dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1166dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-900dhp2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-900dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s600dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s900dhp_firmware:-:*:*:*:*:*:*:*
Vendors & Products Buffalo fs-m1266
Buffalo fs-m1266 Firmware
Buffalo fs-s1266
Buffalo fs-s1266 Firmware
Buffalo vr-u300w
Buffalo vr-u300w Firmware
Buffalo vr-u500x
Buffalo vr-u500x Firmware
Buffalo wapm-1266r
Buffalo wapm-1266r Firmware
Buffalo wapm-1266wdpr
Buffalo wapm-1266wdpr Firmware
Buffalo wapm-1266wdpra
Buffalo wapm-1266wdpra Firmware
Buffalo wapm-1750d
Buffalo wapm-1750d Firmware
Buffalo wapm-2133r
Buffalo wapm-2133r Firmware
Buffalo wapm-2133tr
Buffalo wapm-2133tr Firmware
Buffalo wapm-ax4r
Buffalo wapm-ax4r Firmware
Buffalo wapm-ax8r
Buffalo wapm-ax8r Firmware
Buffalo wapm-axetr
Buffalo wapm-axetr Firmware
Buffalo waps-1266
Buffalo waps-1266 Firmware
Buffalo waps-ax4
Buffalo waps-ax4 Firmware
Buffalo wcr-1166dhpl
Buffalo wcr-1166dhpl Firmware
Buffalo wem-1266
Buffalo wem-1266 Firmware
Buffalo wem-1266wp
Buffalo wem-1266wp Firmware
Buffalo wrm-d2133hp
Buffalo wrm-d2133hp Firmware
Buffalo wrm-d2133hs
Buffalo wrm-d2133hs Firmware
Buffalo wsr3600be4-kh
Buffalo wsr3600be4-kh Firmware
Buffalo wsr3600be4p
Buffalo wsr3600be4p Firmware
Buffalo wtr-m2133hp
Buffalo wtr-m2133hp Firmware
Buffalo wtr-m2133hs
Buffalo wtr-m2133hs Firmware
Buffalo wxr-1750dhp
Buffalo wxr-1750dhp2
Buffalo wxr-1750dhp2 Firmware
Buffalo wxr-1750dhp Firmware
Buffalo wxr-1900dhp
Buffalo wxr-1900dhp2
Buffalo wxr-1900dhp2 Firmware
Buffalo wxr-1900dhp3
Buffalo wxr-1900dhp3 Firmware
Buffalo wxr-1900dhp Firmware
Buffalo wxr-5950ax12
Buffalo wxr-5950ax12 Firmware
Buffalo wxr-6000ax12b
Buffalo wxr-6000ax12b Firmware
Buffalo wxr-6000ax12p
Buffalo wxr-6000ax12p Firmware
Buffalo wxr-6000ax12s
Buffalo wxr-6000ax12s Firmware
Buffalo wxr18000be10p
Buffalo wxr18000be10p Firmware
Buffalo wzr-1166dhp
Buffalo wzr-1166dhp2
Buffalo wzr-1166dhp2 Firmware
Buffalo wzr-1166dhp Firmware
Buffalo wzr-1750dhp
Buffalo wzr-1750dhp2
Buffalo wzr-1750dhp2 Firmware
Buffalo wzr-1750dhp Firmware
Buffalo wzr-600dhp
Buffalo wzr-600dhp2
Buffalo wzr-600dhp2 Firmware
Buffalo wzr-600dhp3
Buffalo wzr-600dhp3 Firmware
Buffalo wzr-600dhp Firmware
Buffalo wzr-900dhp
Buffalo wzr-900dhp2
Buffalo wzr-900dhp2 Firmware
Buffalo wzr-900dhp Firmware
Buffalo wzr-s1750dhp
Buffalo wzr-s1750dhp Firmware
Buffalo wzr-s600dhp
Buffalo wzr-s600dhp Firmware
Buffalo wzr-s900dhp
Buffalo wzr-s900dhp Firmware

Mon, 30 Mar 2026 07:15:00 +0000

Type Values Removed Values Added
First Time appeared Buffalo
Buffalo wi-fi Router Products
Vendors & Products Buffalo
Buffalo wi-fi Router Products

Fri, 27 Mar 2026 09:30:00 +0000

Type Values Removed Values Added
Title Forced Reboot via Authentication Bypass on Buffalo Wi‑Fi Routers

Fri, 27 Mar 2026 06:00:00 +0000

Type Values Removed Values Added
Description Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.
Weaknesses CWE-306
References
Metrics cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Buffalo Fs-m1266 Fs-m1266 Firmware Fs-s1266 Fs-s1266 Firmware Vr-u300w Vr-u300w Firmware Vr-u500x Vr-u500x Firmware Wapm-1266r Wapm-1266r Firmware Wapm-1266wdpr Wapm-1266wdpr Firmware Wapm-1266wdpra Wapm-1266wdpra Firmware Wapm-1750d Wapm-1750d Firmware Wapm-2133r Wapm-2133r Firmware Wapm-2133tr Wapm-2133tr Firmware Wapm-ax4r Wapm-ax4r Firmware Wapm-ax8r Wapm-ax8r Firmware Wapm-axetr Wapm-axetr Firmware Waps-1266 Waps-1266 Firmware Waps-ax4 Waps-ax4 Firmware Wcr-1166dhpl Wcr-1166dhpl Firmware Wem-1266 Wem-1266 Firmware Wem-1266wp Wem-1266wp Firmware Wi-fi Router Products Wrm-d2133hp Wrm-d2133hp Firmware Wrm-d2133hs Wrm-d2133hs Firmware Wsr3600be4-kh Wsr3600be4-kh Firmware Wsr3600be4p Wsr3600be4p Firmware Wtr-m2133hp Wtr-m2133hp Firmware Wtr-m2133hs Wtr-m2133hs Firmware Wxr-1750dhp Wxr-1750dhp2 Wxr-1750dhp2 Firmware Wxr-1750dhp Firmware Wxr-1900dhp Wxr-1900dhp2 Wxr-1900dhp2 Firmware Wxr-1900dhp3 Wxr-1900dhp3 Firmware Wxr-1900dhp Firmware Wxr-5950ax12 Wxr-5950ax12 Firmware Wxr-6000ax12b Wxr-6000ax12b Firmware Wxr-6000ax12p Wxr-6000ax12p Firmware Wxr-6000ax12s Wxr-6000ax12s Firmware Wxr18000be10p Wxr18000be10p Firmware Wzr-1166dhp Wzr-1166dhp2 Wzr-1166dhp2 Firmware Wzr-1166dhp Firmware Wzr-1750dhp Wzr-1750dhp2 Wzr-1750dhp2 Firmware Wzr-1750dhp Firmware Wzr-600dhp Wzr-600dhp2 Wzr-600dhp2 Firmware Wzr-600dhp3 Wzr-600dhp3 Firmware Wzr-600dhp Firmware Wzr-900dhp Wzr-900dhp2 Wzr-900dhp2 Firmware Wzr-900dhp Firmware Wzr-s1750dhp Wzr-s1750dhp Firmware Wzr-s600dhp Wzr-s600dhp Firmware Wzr-s900dhp Wzr-s900dhp Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2026-03-27T19:37:52.746Z

Reserved: 2026-03-25T06:25:35.445Z

Link: CVE-2026-33366

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-03-27T06:16:38.997

Modified: 2026-03-31T19:03:18.543

Link: CVE-2026-33366

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-02T07:55:41Z

Weaknesses