CVE-2026-32678

EUVD-2026-16547
Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
buffalowzr-s900dhp_firmware
-
buffalowcr-1166dhpl_firmware
𝑥
< 1.01
buffalowsr3600be4-kh_firmware
𝑥
< 6.02
buffalowsr3600be4p_firmware
𝑥
< 5.02
buffalowxr-1750dhp_firmware
𝑥
< 2.63
buffalowxr-1750dhp2_firmware
𝑥
< 2.63
buffalowxr18000be10p_firmware
𝑥
< 5.03
buffalowxr-1900dhp_firmware
𝑥
< 2.53
buffalowxr-1900dhp2_firmware
𝑥
< 2.62
buffalowxr-1900dhp3_firmware
𝑥
< 2.66
buffalowxr-5950ax12_firmware
𝑥
< 3.57
buffalowxr-6000ax12b_firmware
𝑥
< 3.57
buffalowxr-6000ax12p_firmware
𝑥
< 3.57
buffalowxr-6000ax12s_firmware
𝑥
< 3.57
buffalowzr-1166dhp_firmware
𝑥
< 2.20
buffalowzr-1166dhp2_firmware
𝑥
< 2.20
buffalowzr-1750dhp_firmware
𝑥
< 2.32
buffalowzr-1750dhp2_firmware
𝑥
< 2.33
buffalowzr-s1750dhp_firmware
𝑥
< 2.34
buffalowrm-d2133hp_firmware
𝑥
< 3.01
buffalowrm-d2133hs_firmware
𝑥
< 3.01
buffalowtr-m2133hp_firmware
𝑥
< 3.01
buffalowtr-m2133hs_firmware
𝑥
< 3.01
buffalowem-1266_firmware
𝑥
< 2.87
buffalowem-1266wp_firmware
𝑥
< 2.87
buffalovr-u300w_firmware
𝑥
< 1.42
buffalovr-u500x_firmware
𝑥
< 1.42
buffalowapm-1266r_firmware
𝑥
< 1.42
buffalowapm-1266wdpr_firmware
𝑥
< 1.42
buffalowapm-1266wdpra_firmware
𝑥
< 1.42
buffalowapm-1750d_firmware
𝑥
< 1.07
buffalowapm-2133r_firmware
𝑥
< 1.42
buffalowapm-2133tr_firmware
𝑥
< 1.42
buffalowapm-ax4r_firmware
𝑥
< 1.42
buffalowapm-ax8r_firmware
𝑥
< 1.42
buffalowapm-axetr_firmware
𝑥
< 1.42
buffalowaps-1266_firmware
𝑥
< 1.42
buffalowaps-ax4_firmware
𝑥
< 1.42
buffalofs-m1266_firmware
𝑥
< 4.13
buffalofs-s1266_firmware
𝑥
< 4.13
buffalowzr-600dhp_firmware
-
buffalowzr-600dhp2_firmware
-
buffalowzr-600dhp3_firmware
-
buffalowzr-900dhp_firmware
-
buffalowzr-900dhp2_firmware
-
buffalowzr-s600dhp_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://jvn.jp/en/jp/JVN83788689/
https://www.buffalo.jp/news/detail/20260323-01.html