CVE-2026-33280

EPSS 0.09%
Veröffentlicht 27.03.2026 05:25:41
Zuletzt bearbeitet 31.03.2026 19:03:40
Quelle vultures@jpcert.or.jp
CVE-Watchlists
Login
Unerledigt
Login

Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Buffalo ≫ Wcr-1166dhpl Firmware Version < 1.01

Buffalo ≫ Wcr-1166dhpl Version-

Buffalo ≫ Wsr3600be4-kh Firmware Version < 6.02

Buffalo ≫ Wsr3600be4-kh Version-

Buffalo ≫ Wsr3600be4p Firmware Version < 5.02

Buffalo ≫ Wsr3600be4p Version-

Buffalo ≫ Wxr-1750dhp Firmware Version < 2.63

Buffalo ≫ Wxr-1750dhp Version-

Buffalo ≫ Wxr-1750dhp2 Firmware Version < 2.63

Buffalo ≫ Wxr-1750dhp2 Version-

Buffalo ≫ Wxr18000be10p Firmware Version < 5.03

Buffalo ≫ Wxr18000be10p Version-

Buffalo ≫ Wxr-1900dhp Firmware Version < 2.53

Buffalo ≫ Wxr-1900dhp Version-

Buffalo ≫ Wxr-1900dhp2 Firmware Version < 2.62

Buffalo ≫ Wxr-1900dhp2 Version-

Buffalo ≫ Wxr-1900dhp3 Firmware Version < 2.66

Buffalo ≫ Wxr-1900dhp3 Version-

Buffalo ≫ Wxr-5950ax12 Firmware Version < 3.57

Buffalo ≫ Wxr-5950ax12 Version-

Buffalo ≫ Wxr-6000ax12b Firmware Version < 3.57

Buffalo ≫ Wxr-6000ax12b Version-

Buffalo ≫ Wxr-6000ax12p Firmware Version < 3.57

Buffalo ≫ Wxr-6000ax12p Version-

Buffalo ≫ Wxr-6000ax12s Firmware Version < 3.57

Buffalo ≫ Wxr-6000ax12s Version-

Buffalo ≫ Wzr-1166dhp Firmware Version < 2.20

Buffalo ≫ Wzr-1166dhp Version-

Buffalo ≫ Wzr-1166dhp2 Firmware Version < 2.20

Buffalo ≫ Wzr-1166dhp2 Version-

Buffalo ≫ Wzr-1750dhp Firmware Version < 2.32

Buffalo ≫ Wzr-1750dhp Version-

Buffalo ≫ Wzr-1750dhp2 Firmware Version < 2.33

Buffalo ≫ Wzr-1750dhp2 Version-

Buffalo ≫ Wzr-s1750dhp Firmware Version < 2.34

Buffalo ≫ Wzr-s1750dhp Version-

Buffalo ≫ Wrm-d2133hp Firmware Version < 3.01

Buffalo ≫ Wrm-d2133hp Version-

Buffalo ≫ Wrm-d2133hs Firmware Version < 3.01

Buffalo ≫ Wrm-d2133hs Version-

Buffalo ≫ Wtr-m2133hp Firmware Version < 3.01

Buffalo ≫ Wtr-m2133hp Version-

Buffalo ≫ Wtr-m2133hs Firmware Version < 3.01

Buffalo ≫ Wtr-m2133hs Version-

Buffalo ≫ Wem-1266 Firmware Version < 2.87

Buffalo ≫ Wem-1266 Version-

Buffalo ≫ Wem-1266wp Firmware Version < 2.87

Buffalo ≫ Wem-1266wp Version-

Buffalo ≫ Vr-u300w Firmware Version < 1.42

Buffalo ≫ Vr-u300w Version-

Buffalo ≫ Vr-u500x Firmware Version < 1.42

Buffalo ≫ Vr-u500x Version-

Buffalo ≫ Wapm-1266r Firmware Version < 1.42

Buffalo ≫ Wapm-1266r Version-

Buffalo ≫ Wapm-1266wdpr Firmware Version < 1.42

Buffalo ≫ Wapm-1266wdpr Version-

Buffalo ≫ Wapm-1266wdpra Firmware Version < 1.42

Buffalo ≫ Wapm-1266wdpra Version-

Buffalo ≫ Wapm-1750d Firmware Version < 1.07

Buffalo ≫ Wapm-1750d Version-

Buffalo ≫ Wapm-2133r Firmware Version < 1.42

Buffalo ≫ Wapm-2133r Version-

Buffalo ≫ Wapm-2133tr Firmware Version < 1.42

Buffalo ≫ Wapm-2133tr Version-

Buffalo ≫ Wapm-ax4r Firmware Version < 1.42

Buffalo ≫ Wapm-ax4r Version-

Buffalo ≫ Wapm-ax8r Firmware Version < 1.42

Buffalo ≫ Wapm-ax8r Version-

Buffalo ≫ Wapm-axetr Firmware Version < 1.42

Buffalo ≫ Wapm-axetr Version-

Buffalo ≫ Waps-1266 Firmware Version < 1.42

Buffalo ≫ Waps-1266 Version-

Buffalo ≫ Waps-ax4 Firmware Version < 1.42

Buffalo ≫ Waps-ax4 Version-

Buffalo ≫ Fs-m1266 Firmware Version < 4.13

Buffalo ≫ Fs-m1266 Version-

Buffalo ≫ Fs-s1266 Firmware Version < 4.13

Buffalo ≫ Fs-s1266 Version-

Buffalo ≫ Wzr-600dhp Firmware Version-

Buffalo ≫ Wzr-600dhp Version-

Buffalo ≫ Wzr-600dhp2 Firmware Version-

Buffalo ≫ Wzr-600dhp2 Version-

Buffalo ≫ Wzr-600dhp3 Firmware Version-

Buffalo ≫ Wzr-600dhp3 Version-

Buffalo ≫ Wzr-900dhp Firmware Version-

Buffalo ≫ Wzr-900dhp Version-

Buffalo ≫ Wzr-900dhp2 Firmware Version-

Buffalo ≫ Wzr-900dhp2 Version-

Buffalo ≫ Wzr-s600dhp Firmware Version-

Buffalo ≫ Wzr-s600dhp Version-

Buffalo ≫ Wzr-s900dhp Firmware Version-

Buffalo ≫ Wzr-s900dhp Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.26

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vultures@jpcert.or.jp	8.6	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vultures@jpcert.or.jp	7.2	1.2	5.9	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-912 Hidden Functionality

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

https://www.buffalo.jp/news/detail/20260323-01.html

Vendor Advisory

https://jvn.jp/en/jp/JVN83788689/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-33280

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-33280

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-33280

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-33280