Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.
AnalysisAI
Remote OS command injection in BUFFALO Wi-Fi router products allows unauthenticated attackers to execute arbitrary operating system commands with user interaction required. The vulnerability affects multiple BUFFALO Wi-Fi router models as confirmed by CPE designation and carries a CVSS score of 8.8 (High severity). While attack complexity is low and no privileges are required, successful exploitation depends on user interaction, reducing immediate attack surface. No public exploit identified at time of analysis, and exploitation probability metrics are not available in provided intelligence.
Technical ContextAI
This vulnerability is classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command), commonly known as OS command injection. The affected technology comprises BUFFALO Inc.'s Wi-Fi router product line (CPE: cpe:2.3:a:buffalo_inc.:buffalo_wi-fi_router_products). Command injection occurs when an application passes unsafe user-supplied data to a system shell without proper validation or sanitization, allowing attackers to inject shell metacharacters and execute arbitrary commands with the privileges of the vulnerable process. In network devices like routers, this typically manifests through web management interfaces, configuration APIs, or network service handlers that fail to sanitize input parameters before passing them to underlying system calls or shell commands.
RemediationAI
Consult the official BUFFALO security advisory at https://www.buffalo.jp/news/detail/20260323-01.html for model-specific firmware updates and patch deployment instructions. The vendor advisory published March 23, 2026, contains detailed remediation guidance including affected firmware versions and patched release information. Until firmware updates can be applied, implement defense-in-depth measures including: restricting router management interface access to trusted internal networks only (disable WAN-side administration), implementing strong administrator credentials, educating administrators about phishing and social engineering risks given the UI:R requirement, and monitoring router logs for suspicious command execution patterns. Additional technical details and mitigation recommendations are available in the JVN advisory at https://jvn.jp/en/jp/JVN83788689/ published by JPCERT.
BUFFALO Wi-Fi router products allow unauthenticated remote attackers to bypass authentication mechanisms and modify crit
BUFFALO Wi-Fi router products allow remote code execution through a code injection vulnerability requiring user interact
BUFFALO Wi-Fi router products contain hidden debugging functionality that permits authenticated attackers with high-leve
BUFFALO Wi-Fi router products lack authentication controls on a critical reboot function, allowing remote unauthenticate
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-16543