Wzr 900dhp Firmware
Sign in to watchby Buffalo
CVEs (7)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-33280 | Cri | 0.64 | 9.8 | 0.00 | Mar 27, 2026 | Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands. | |
| CVE-2026-32669 | Cri | 0.64 | 9.8 | 0.00 | Mar 27, 2026 | Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products. | |
| CVE-2026-27650 | Cri | 0.64 | 9.8 | 0.00 | Mar 27, 2026 | OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products. | |
| CVE-2026-32678 | Hig | 0.49 | 7.5 | 0.00 | Mar 27, 2026 | Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication. | |
| CVE-2016-4815 | Hig | 0.49 | 7.5 | 0.00 | Jun 19, 2016 | Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | |
| CVE-2016-4816 | Med | 0.42 | 6.5 | 0.00 | Jun 19, 2016 | BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors. | |
| CVE-2026-33366 | Med | 0.34 | 5.3 | 0.00 | Mar 27, 2026 | Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication. |