CVE-2026-32678 (GCVE-0-2026-32678)

Vulnerability from cvelistv5 – Published: 2026-03-27 05:25 – Updated: 2026-03-27 19:53
VLAI?
Summary
Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.
Severity ?
7.5 (High)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
8.7 (High)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
CWE
  • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
Vendor Product Version
BUFFALO INC. BUFFALO Wi-Fi router products Affected: See "References" section
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32678",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T19:53:10.762357Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T19:53:19.116Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BUFFALO Wi-Fi router products",
          "vendor": "BUFFALO INC.",
          "versions": [
            {
              "status": "affected",
              "version": "See \"References\" section"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T05:25:19.851Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.buffalo.jp/news/detail/20260323-01.html"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN83788689/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2026-32678",
    "datePublished": "2026-03-27T05:25:19.851Z",
    "dateReserved": "2026-03-25T06:25:32.059Z",
    "dateUpdated": "2026-03-27T19:53:19.116Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-32678\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2026-03-27T06:16:38.650\",\"lastModified\":\"2026-03-31T19:03:48.837\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV30\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-288\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-s900dhp_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB08C247-2C08-4E90-9D26-D6FC878E7FDC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7C186F6-8DE5-4C82-8403-D3BB76069FCE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wcr-1166dhpl_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.01\",\"matchCriteriaId\":\"70DE69B3-85D4-4FEF-AC34-3ED1BCA72455\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wcr-1166dhpl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52B41DFC-E60C-4BFF-8AB2-C6FB67194F98\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wsr3600be4-kh_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.02\",\"matchCriteriaId\":\"57CD1A07-ADEB-43C6-BBD6-50F5CA3A1AAF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wsr3600be4-kh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E3EE1F5-07F2-428D-B5EB-071657EBCA96\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wsr3600be4p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.02\",\"matchCriteriaId\":\"C6610DCC-EAEC-4464-880A-F19D7D823FEA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wsr3600be4p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD39E5F5-860E-4532-8E83-A6E36B30510E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr-1750dhp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.63\",\"matchCriteriaId\":\"DED9D3D6-D64E-4E23-ACAF-02183CC8C619\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr-1750dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22CD8F33-A455-4E4B-9351-CBBDA511E9D7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr-1750dhp2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.63\",\"matchCriteriaId\":\"0530F376-C6FB-40CB-8F2B-C669EF97485F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr-1750dhp2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7114614E-63C7-43DF-B778-CCDC4B753CA7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr18000be10p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.03\",\"matchCriteriaId\":\"C778B15C-D7A4-4671-8BE7-A46F0F2A010D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr18000be10p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"873F681B-D7E9-47C3-BD50-FFBA545BF19D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr-1900dhp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.53\",\"matchCriteriaId\":\"C3833629-E892-4522-A641-930FE1DF04FD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr-1900dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F2F4145-1A55-41CE-9358-0192B69CA8E8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.62\",\"matchCriteriaId\":\"47EA0EBF-EB1F-450B-8E44-E61768A647E1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"519FDA6D-520A-4FF9-A1FC-3144CB24B7D0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr-1900dhp3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.66\",\"matchCriteriaId\":\"060538D8-4D22-4BDB-8032-5C8388637508\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr-1900dhp3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E5F5D9D-27F8-463E-B2B8-F4E77FAC648B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr-5950ax12_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.57\",\"matchCriteriaId\":\"3619D0E7-E58D-4920-A1A4-8BD83534F6D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr-5950ax12:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703CB818-F27B-4981-A8F3-D5DD400767A2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr-6000ax12b_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.57\",\"matchCriteriaId\":\"6107C437-069C-4090-958D-D4FA5F78C349\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr-6000ax12b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94539115-283E-4C54-A51F-D519F48B2FB2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr-6000ax12p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.57\",\"matchCriteriaId\":\"8706D545-7D8A-41FF-91FF-2C82554068F9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr-6000ax12p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D7BA869-029D-406B-B663-ADA58B94C8A5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wxr-6000ax12s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.57\",\"matchCriteriaId\":\"A5250BC1-81E7-48C5-9363-AC3A55A02CE6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wxr-6000ax12s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F718396-BB2C-4DA2-823B-178EC0F9101C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-1166dhp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.20\",\"matchCriteriaId\":\"58B5B299-15EE-4ADB-ABD9-ADAF4E432006\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-1166dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98CE6294-43B2-4043-98A5-BCCAF17214C3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-1166dhp2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.20\",\"matchCriteriaId\":\"C2E92E3E-315E-4482-B404-29E460BB220D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-1166dhp2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"740500B4-8CEC-4044-8FE7-194FD0894534\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-1750dhp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.32\",\"matchCriteriaId\":\"9C72B17A-BBD3-430E-914D-D2E77254F969\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-1750dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55459AEE-CE6D-4A4B-9B59-572EDFD51984\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.33\",\"matchCriteriaId\":\"5DC3840D-47FD-4C70-B4CF-0B00B42799D7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBFF4B91-1173-4346-A1ED-60B37F7B44DA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-s1750dhp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.34\",\"matchCriteriaId\":\"4D174F69-BC6E-435A-8A7C-CA33DD829A1D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-s1750dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A2F15AE-7A2C-46C0-8961-10180279FEB5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wrm-d2133hp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.01\",\"matchCriteriaId\":\"06640D46-FE11-491A-83B5-5C4113823DED\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wrm-d2133hp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7230C72-57D3-4C1C-8DCD-121926C018AF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wrm-d2133hs_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.01\",\"matchCriteriaId\":\"259E1929-93EB-41B8-8C13-862300230FBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wrm-d2133hs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"346D031C-A92D-4D59-A15B-994A2D69BD8C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wtr-m2133hp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.01\",\"matchCriteriaId\":\"0E4C5694-04B1-47A2-BEAD-40BE6D43279E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wtr-m2133hp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57A0A9C4-964B-4170-9CA5-2FAB65BE6E2B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wtr-m2133hs_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.01\",\"matchCriteriaId\":\"51BDED0A-BC25-43FD-AE54-451F5EF29BAB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wtr-m2133hs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ADB3632-6A5D-420A-8FB8-FAA6BB8A50F2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wem-1266_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.87\",\"matchCriteriaId\":\"2D7EDE52-D795-4C10-A8F1-ADCB31A0A359\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wem-1266:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F40FA714-2CD3-40B6-8F19-F0DE25320AF9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wem-1266wp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.87\",\"matchCriteriaId\":\"D1E67DFA-16D9-41B9-8686-F2319174248E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wem-1266wp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4988258A-FDA2-4402-A917-A9741D32FD79\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:vr-u300w_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"CF9890A3-663A-4992-AB25-EB479C3212D0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:vr-u300w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FD4231B-5E7C-429E-9E0C-8CD3C6640FD6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:vr-u500x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"34DA3705-4BEB-40F9-95F6-9BFEB6CDB641\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:vr-u500x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37A81286-64F0-4748-8BC4-57E0737FB7F7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wapm-1266r_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"381BE4D5-F1DE-4E99-974E-AABD2BF0EAF1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wapm-1266r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BC85B49-6F64-4514-9466-E896D92FB33E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wapm-1266wdpr_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"C8A917E9-5D21-43C2-B005-9708D2D9BF66\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wapm-1266wdpr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A04A468D-CD3A-47EF-96A4-E653A1CF2AB0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wapm-1266wdpra_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"848F228C-0DB2-4683-9FAD-C2A3983E0161\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wapm-1266wdpra:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7195B49B-00B5-4F43-A1A5-038B155667BA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wapm-1750d_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.07\",\"matchCriteriaId\":\"9A9BB1BB-E3BD-4C17-A7EF-9A7941A84976\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wapm-1750d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47AD091A-8AC5-49B4-AD77-8B325C5A47DE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wapm-2133r_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"565EA741-24AC-4D03-9CCE-E2DC310A9CC7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wapm-2133r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA15CF1-F1A5-491B-8BA3-450D0205FB03\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wapm-2133tr_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"89FD7298-F6B5-4CF5-9CD2-482E4DF648AB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wapm-2133tr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75EB5E4D-45BC-4805-8B96-7386F38ACED3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wapm-ax4r_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"01CA1028-7357-4C17-98E3-228155EB02BA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wapm-ax4r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06093D67-369A-4A85-8669-699E526EDE5C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wapm-ax8r_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"CA0E48ED-DD3F-428E-8F92-3D2C360E9CB1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wapm-ax8r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7FAC875-FA4E-4F5C-BB45-1850A472B188\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wapm-axetr_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"BE54C16D-A1BB-4545-91C2-0E1C51CCE05A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wapm-axetr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"801BACC4-D599-4FF8-9E69-CF78EEA9DAF4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:waps-1266_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"76BB0D3E-6F8B-420D-8ACC-26BAED31E1B7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:waps-1266:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6C43BE0-B5D9-42F3-850F-E613C25F512F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:waps-ax4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.42\",\"matchCriteriaId\":\"7887E1FC-51A6-4BB6-A778-D8AD0FB4E2E4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:waps-ax4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"971A3821-760E-4B4E-AB8D-57EF1BCC743D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:fs-m1266_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.13\",\"matchCriteriaId\":\"51510CF5-ACDB-4111-8427-B6C4A168025F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:fs-m1266:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43994150-6056-4560-89F3-9D9B4B5BEF7C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:fs-s1266_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.13\",\"matchCriteriaId\":\"94EFF27A-665B-406E-AC0D-43FD4CE35F5C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:fs-s1266:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BC69059-F0B0-4480-B882-D23847CC0D39\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-600dhp_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0090140-CA70-4747-A5E9-A9AF00FC8AE2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06AF9040-7F63-4E80-82DD-7448320BC940\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-600dhp2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C78A3795-B001-403E-AECB-F2110B784B42\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9271B665-2267-4C24-92FD-B1CBCB2F0F59\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-600dhp3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61C5E983-8161-4DDD-9122-C30D8E056AD1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"303225E6-81C0-4A2F-81A3-51E508DDA0EE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-900dhp_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D219F2A-2A04-4305-A3AF-2DA61F760E0B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8BD47F3-29D0-4B34-A346-C0042FBD75ED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-900dhp2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E509B551-A2AB-4483-9111-EEB0433EE430\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"247B99DF-EE96-40C3-89FC-706DE878ABFE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:buffalo:wzr-s600dhp_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"980BCDBD-BDF1-429A-A24B-51B4DE26D429\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75434B7A-2633-4981-B99D-33448883BC61\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/en/jp/JVN83788689/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.buffalo.jp/news/detail/20260323-01.html\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-32678\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-27T19:53:10.762357Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-27T19:53:15.473Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"BUFFALO INC.\", \"product\": \"BUFFALO Wi-Fi router products\", \"versions\": [{\"status\": \"affected\", \"version\": \"See \\\"References\\\" section\"}]}], \"references\": [{\"url\": \"https://www.buffalo.jp/news/detail/20260323-01.html\"}, {\"url\": \"https://jvn.jp/en/jp/JVN83788689/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-288\", \"description\": \"Authentication Bypass Using an Alternate Path or Channel\"}]}], \"providerMetadata\": {\"orgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"shortName\": \"jpcert\", \"dateUpdated\": \"2026-03-27T05:25:19.851Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-32678\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-27T19:53:19.116Z\", \"dateReserved\": \"2026-03-25T06:25:32.059Z\", \"assignerOrgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"datePublished\": \"2026-03-27T05:25:19.851Z\", \"assignerShortName\": \"jpcert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.