Description
Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.
Published: 2026-03-27
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service (Forced Reboot)
Action: Patch
AI Analysis

Impact

A missing authentication check in a critical reboot function of Buffalo Wi‑Fi routers allows an attacker to force a reboot without credentials. The flaw can disrupt network connectivity by causing the router to restart abruptly, potentially impacting all connected devices and services. This weakness exemplifies insufficient authentication leading to denial of service, and is classified as CWE‑306.

Affected Systems

The vulnerability affects all BUFFALO Wi‑Fi router products, as identified by the vendor. Specific model or firmware versions are not disclosed in the available information, so any device running the affected firmware is potentially at risk.

Risk and Exploitability

Based on the description, it is inferred that the attacker can trigger the reboot by sending the privileged command over the network, requiring only remote access to the router. The CVSS score of 6.9 indicates moderate severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. With remote network exposure, the likelihood of exploitation is relatively high, as the attack does not require privileges beyond network connectivity.

Generated by OpenCVE AI on March 27, 2026 at 07:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware release provided by Buffalo to address the missing authentication flaw
  • If a patch is not yet available, restrict external access to the router’s administrative interfaces using a firewall or network segmentation
  • Consider disabling remote administration features if not needed, and enforce network security practices such as VLAN isolation

Generated by OpenCVE AI on March 27, 2026 at 07:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 31 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Buffalo fs-m1266
Buffalo fs-m1266 Firmware
Buffalo fs-s1266
Buffalo fs-s1266 Firmware
Buffalo vr-u300w
Buffalo vr-u300w Firmware
Buffalo vr-u500x
Buffalo vr-u500x Firmware
Buffalo wapm-1266r
Buffalo wapm-1266r Firmware
Buffalo wapm-1266wdpr
Buffalo wapm-1266wdpr Firmware
Buffalo wapm-1266wdpra
Buffalo wapm-1266wdpra Firmware
Buffalo wapm-1750d
Buffalo wapm-1750d Firmware
Buffalo wapm-2133r
Buffalo wapm-2133r Firmware
Buffalo wapm-2133tr
Buffalo wapm-2133tr Firmware
Buffalo wapm-ax4r
Buffalo wapm-ax4r Firmware
Buffalo wapm-ax8r
Buffalo wapm-ax8r Firmware
Buffalo wapm-axetr
Buffalo wapm-axetr Firmware
Buffalo waps-1266
Buffalo waps-1266 Firmware
Buffalo waps-ax4
Buffalo waps-ax4 Firmware
Buffalo wcr-1166dhpl
Buffalo wcr-1166dhpl Firmware
Buffalo wem-1266
Buffalo wem-1266 Firmware
Buffalo wem-1266wp
Buffalo wem-1266wp Firmware
Buffalo wrm-d2133hp
Buffalo wrm-d2133hp Firmware
Buffalo wrm-d2133hs
Buffalo wrm-d2133hs Firmware
Buffalo wsr3600be4-kh
Buffalo wsr3600be4-kh Firmware
Buffalo wsr3600be4p
Buffalo wsr3600be4p Firmware
Buffalo wtr-m2133hp
Buffalo wtr-m2133hp Firmware
Buffalo wtr-m2133hs
Buffalo wtr-m2133hs Firmware
Buffalo wxr-1750dhp
Buffalo wxr-1750dhp2
Buffalo wxr-1750dhp2 Firmware
Buffalo wxr-1750dhp Firmware
Buffalo wxr-1900dhp
Buffalo wxr-1900dhp2
Buffalo wxr-1900dhp2 Firmware
Buffalo wxr-1900dhp3
Buffalo wxr-1900dhp3 Firmware
Buffalo wxr-1900dhp Firmware
Buffalo wxr-5950ax12
Buffalo wxr-5950ax12 Firmware
Buffalo wxr-6000ax12b
Buffalo wxr-6000ax12b Firmware
Buffalo wxr-6000ax12p
Buffalo wxr-6000ax12p Firmware
Buffalo wxr-6000ax12s
Buffalo wxr-6000ax12s Firmware
Buffalo wxr18000be10p
Buffalo wxr18000be10p Firmware
Buffalo wzr-1166dhp
Buffalo wzr-1166dhp2
Buffalo wzr-1166dhp2 Firmware
Buffalo wzr-1166dhp Firmware
Buffalo wzr-1750dhp
Buffalo wzr-1750dhp2
Buffalo wzr-1750dhp2 Firmware
Buffalo wzr-1750dhp Firmware
Buffalo wzr-600dhp
Buffalo wzr-600dhp2
Buffalo wzr-600dhp2 Firmware
Buffalo wzr-600dhp3
Buffalo wzr-600dhp3 Firmware
Buffalo wzr-600dhp Firmware
Buffalo wzr-900dhp
Buffalo wzr-900dhp2
Buffalo wzr-900dhp2 Firmware
Buffalo wzr-900dhp Firmware
Buffalo wzr-s1750dhp
Buffalo wzr-s1750dhp Firmware
Buffalo wzr-s600dhp
Buffalo wzr-s600dhp Firmware
Buffalo wzr-s900dhp
Buffalo wzr-s900dhp Firmware
CPEs cpe:2.3:h:buffalo:fs-m1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:fs-s1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:vr-u300w:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:vr-u500x:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266wdpr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1266wdpra:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-1750d:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-2133r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-2133tr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-ax4r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-ax8r:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wapm-axetr:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:waps-1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:waps-ax4:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wcr-1166dhpl:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wem-1266:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wem-1266wp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wrm-d2133hp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wrm-d2133hs:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wsr3600be4-kh:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wsr3600be4p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wtr-m2133hp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wtr-m2133hs:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1750dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp3:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-1900dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-5950ax12:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12b:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr-6000ax12s:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wxr18000be10p:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1166dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1166dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s1750dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:fs-m1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:fs-s1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:vr-u300w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:vr-u500x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266wdpr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1266wdpra_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-1750d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-2133r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-2133tr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-ax4r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-ax8r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wapm-axetr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:waps-1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:waps-ax4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wcr-1166dhpl_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wem-1266_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wem-1266wp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wrm-d2133hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wrm-d2133hs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wsr3600be4-kh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wsr3600be4p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wtr-m2133hp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wtr-m2133hs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1750dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-1900dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-5950ax12_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr-6000ax12s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wxr18000be10p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1166dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1166dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-600dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-900dhp2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-900dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s1750dhp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s600dhp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:buffalo:wzr-s900dhp_firmware:-:*:*:*:*:*:*:*
Vendors & Products Buffalo fs-m1266
Buffalo fs-m1266 Firmware
Buffalo fs-s1266
Buffalo fs-s1266 Firmware
Buffalo vr-u300w
Buffalo vr-u300w Firmware
Buffalo vr-u500x
Buffalo vr-u500x Firmware
Buffalo wapm-1266r
Buffalo wapm-1266r Firmware
Buffalo wapm-1266wdpr
Buffalo wapm-1266wdpr Firmware
Buffalo wapm-1266wdpra
Buffalo wapm-1266wdpra Firmware
Buffalo wapm-1750d
Buffalo wapm-1750d Firmware
Buffalo wapm-2133r
Buffalo wapm-2133r Firmware
Buffalo wapm-2133tr
Buffalo wapm-2133tr Firmware
Buffalo wapm-ax4r
Buffalo wapm-ax4r Firmware
Buffalo wapm-ax8r
Buffalo wapm-ax8r Firmware
Buffalo wapm-axetr
Buffalo wapm-axetr Firmware
Buffalo waps-1266
Buffalo waps-1266 Firmware
Buffalo waps-ax4
Buffalo waps-ax4 Firmware
Buffalo wcr-1166dhpl
Buffalo wcr-1166dhpl Firmware
Buffalo wem-1266
Buffalo wem-1266 Firmware
Buffalo wem-1266wp
Buffalo wem-1266wp Firmware
Buffalo wrm-d2133hp
Buffalo wrm-d2133hp Firmware
Buffalo wrm-d2133hs
Buffalo wrm-d2133hs Firmware
Buffalo wsr3600be4-kh
Buffalo wsr3600be4-kh Firmware
Buffalo wsr3600be4p
Buffalo wsr3600be4p Firmware
Buffalo wtr-m2133hp
Buffalo wtr-m2133hp Firmware
Buffalo wtr-m2133hs
Buffalo wtr-m2133hs Firmware
Buffalo wxr-1750dhp
Buffalo wxr-1750dhp2
Buffalo wxr-1750dhp2 Firmware
Buffalo wxr-1750dhp Firmware
Buffalo wxr-1900dhp
Buffalo wxr-1900dhp2
Buffalo wxr-1900dhp2 Firmware
Buffalo wxr-1900dhp3
Buffalo wxr-1900dhp3 Firmware
Buffalo wxr-1900dhp Firmware
Buffalo wxr-5950ax12
Buffalo wxr-5950ax12 Firmware
Buffalo wxr-6000ax12b
Buffalo wxr-6000ax12b Firmware
Buffalo wxr-6000ax12p
Buffalo wxr-6000ax12p Firmware
Buffalo wxr-6000ax12s
Buffalo wxr-6000ax12s Firmware
Buffalo wxr18000be10p
Buffalo wxr18000be10p Firmware
Buffalo wzr-1166dhp
Buffalo wzr-1166dhp2
Buffalo wzr-1166dhp2 Firmware
Buffalo wzr-1166dhp Firmware
Buffalo wzr-1750dhp
Buffalo wzr-1750dhp2
Buffalo wzr-1750dhp2 Firmware
Buffalo wzr-1750dhp Firmware
Buffalo wzr-600dhp
Buffalo wzr-600dhp2
Buffalo wzr-600dhp2 Firmware
Buffalo wzr-600dhp3
Buffalo wzr-600dhp3 Firmware
Buffalo wzr-600dhp Firmware
Buffalo wzr-900dhp
Buffalo wzr-900dhp2
Buffalo wzr-900dhp2 Firmware
Buffalo wzr-900dhp Firmware
Buffalo wzr-s1750dhp
Buffalo wzr-s1750dhp Firmware
Buffalo wzr-s600dhp
Buffalo wzr-s600dhp Firmware
Buffalo wzr-s900dhp
Buffalo wzr-s900dhp Firmware

Mon, 30 Mar 2026 07:15:00 +0000

Type Values Removed Values Added
First Time appeared Buffalo
Buffalo wi-fi Router Products
Vendors & Products Buffalo
Buffalo wi-fi Router Products

Fri, 27 Mar 2026 09:30:00 +0000

Type Values Removed Values Added
Title Forced Reboot via Authentication Bypass on Buffalo Wi‑Fi Routers

Fri, 27 Mar 2026 06:00:00 +0000

Type Values Removed Values Added
Description Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.
Weaknesses CWE-306
References
Metrics cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Buffalo Fs-m1266 Fs-m1266 Firmware Fs-s1266 Fs-s1266 Firmware Vr-u300w Vr-u300w Firmware Vr-u500x Vr-u500x Firmware Wapm-1266r Wapm-1266r Firmware Wapm-1266wdpr Wapm-1266wdpr Firmware Wapm-1266wdpra Wapm-1266wdpra Firmware Wapm-1750d Wapm-1750d Firmware Wapm-2133r Wapm-2133r Firmware Wapm-2133tr Wapm-2133tr Firmware Wapm-ax4r Wapm-ax4r Firmware Wapm-ax8r Wapm-ax8r Firmware Wapm-axetr Wapm-axetr Firmware Waps-1266 Waps-1266 Firmware Waps-ax4 Waps-ax4 Firmware Wcr-1166dhpl Wcr-1166dhpl Firmware Wem-1266 Wem-1266 Firmware Wem-1266wp Wem-1266wp Firmware Wi-fi Router Products Wrm-d2133hp Wrm-d2133hp Firmware Wrm-d2133hs Wrm-d2133hs Firmware Wsr3600be4-kh Wsr3600be4-kh Firmware Wsr3600be4p Wsr3600be4p Firmware Wtr-m2133hp Wtr-m2133hp Firmware Wtr-m2133hs Wtr-m2133hs Firmware Wxr-1750dhp Wxr-1750dhp2 Wxr-1750dhp2 Firmware Wxr-1750dhp Firmware Wxr-1900dhp Wxr-1900dhp2 Wxr-1900dhp2 Firmware Wxr-1900dhp3 Wxr-1900dhp3 Firmware Wxr-1900dhp Firmware Wxr-5950ax12 Wxr-5950ax12 Firmware Wxr-6000ax12b Wxr-6000ax12b Firmware Wxr-6000ax12p Wxr-6000ax12p Firmware Wxr-6000ax12s Wxr-6000ax12s Firmware Wxr18000be10p Wxr18000be10p Firmware Wzr-1166dhp Wzr-1166dhp2 Wzr-1166dhp2 Firmware Wzr-1166dhp Firmware Wzr-1750dhp Wzr-1750dhp2 Wzr-1750dhp2 Firmware Wzr-1750dhp Firmware Wzr-600dhp Wzr-600dhp2 Wzr-600dhp2 Firmware Wzr-600dhp3 Wzr-600dhp3 Firmware Wzr-600dhp Firmware Wzr-900dhp Wzr-900dhp2 Wzr-900dhp2 Firmware Wzr-900dhp Firmware Wzr-s1750dhp Wzr-s1750dhp Firmware Wzr-s600dhp Wzr-s600dhp Firmware Wzr-s900dhp Wzr-s900dhp Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2026-03-27T19:37:52.746Z

Reserved: 2026-03-25T06:25:35.445Z

Link: CVE-2026-33366

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-03-27T06:16:38.997

Modified: 2026-03-31T19:03:18.543

Link: CVE-2026-33366

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-30T07:02:20Z

Weaknesses