Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.
AnalysisAI
BUFFALO Wi-Fi router products contain hidden debugging functionality that permits authenticated attackers with high-level privileges to execute arbitrary operating system commands remotely. The vulnerability affects an unspecified range of BUFFALO's router lineup and carries a CVSS score of 7.2, requiring high privileges (PR:H) but low attack complexity over the network. No public exploit identified at time of analysis, and EPSS data is not provided in available intelligence.
Technical ContextAI
This vulnerability is classified as CWE-912 (Hidden Functionality), indicating the presence of undocumented or unintended debugging interfaces within BUFFALO Wi-Fi router firmware. The affected products are identified via CPE cpe:2.3:a:buffalo_inc.:buffalo_wi-fi_router_products:*:*:*:*:*:*:*:*, though specific model numbers and firmware versions are not detailed in the CPE string. Hidden functionality vulnerabilities typically arise from developer backdoors, diagnostic interfaces, or maintenance functions left accessible in production firmware. In this case, the debugging interface permits OS command execution, suggesting the presence of a shell or command interpreter accessible through the router's management interface or an undocumented network service. The root cause stems from insufficient access controls or improper removal of development-stage functionality before production deployment.
RemediationAI
Consult the BUFFALO vendor security advisory at https://www.buffalo.jp/news/detail/20260323-01.html for model-specific firmware updates and patching instructions. Patch availability per vendor advisory is indicated through the published notification, though exact firmware version numbers are not provided in analyzed intelligence sources. Until firmware updates can be applied, implement compensating controls including changing default administrative credentials to complex unique passwords, restricting management interface access to trusted IP ranges through firewall rules or access control lists, disabling remote administration features if not operationally required, and monitoring router logs for unauthorized access attempts or suspicious command execution patterns. Consider placing affected routers behind additional network security layers or replacing with alternative products if vendor support or patching is unavailable for specific models.
BUFFALO Wi-Fi router products allow unauthenticated remote attackers to bypass authentication mechanisms and modify crit
BUFFALO Wi-Fi router products allow remote code execution through a code injection vulnerability requiring user interact
Remote OS command injection in BUFFALO Wi-Fi router products allows unauthenticated attackers to execute arbitrary opera
BUFFALO Wi-Fi router products lack authentication controls on a critical reboot function, allowing remote unauthenticate
Same weakness CWE-912 – Hidden Functionality
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-16549