VYPR

Wzr 600dhp2 Firmware

by Buffalotech

CVEs (9)

  • CVE-2026-33280CriMar 27, 2026
    risk 0.64cvss 9.8epss 0.00

    Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.

  • CVE-2026-32669CriMar 27, 2026
    risk 0.64cvss 9.8epss 0.00

    Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products.

  • CVE-2026-27650CriMar 27, 2026
    risk 0.64cvss 9.8epss 0.01

    OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.

  • CVE-2026-32678HigMar 27, 2026
    risk 0.49cvss 7.5epss 0.00

    Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.

  • CVE-2016-4815HigJun 19, 2016
    risk 0.49cvss 7.5epss 0.02

    Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.

  • CVE-2015-8262MedDec 27, 2015
    risk 0.44cvss 6.8epss 0.01

    Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.

  • CVE-2026-33366MedMar 27, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.

  • CVE-2022-34840Dec 7, 2022
    risk 0.00cvss epss 0.00

    Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00…

  • CVE-2022-40966Dec 7, 2022
    risk 0.00cvss epss 0.00

    Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and…