Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products.
AnalysisAI
BUFFALO Wi-Fi router products allow remote code execution through a code injection vulnerability requiring user interaction. An unauthenticated attacker (CVSS PR:N) can execute arbitrary code on affected devices with high impact to confidentiality, integrity, and availability (CVSS 8.8). The vulnerability was disclosed through JVN and BUFFALO's official advisory, with no public exploit identified at time of analysis.
Technical ContextAI
This vulnerability affects BUFFALO Wi-Fi router products as identified by CPE cpe:2.3:a:buffalo_inc.:buffalo_wi-fi_router_products. The root cause is CWE-94 (Improper Control of Generation of Code / Code Injection), which occurs when an application constructs executable code using externally-influenced input without proper neutralization. In router firmware contexts, code injection typically manifests through web management interfaces, firmware update mechanisms, or configuration parsers that fail to sanitize user-supplied data before incorporating it into system commands or script execution contexts. The network-accessible attack vector (AV:N) combined with low complexity (AC:L) indicates the vulnerability can be triggered remotely without specialized conditions, though the user interaction requirement (UI:R) suggests exploitation requires victim action such as visiting a malicious page or clicking a crafted link.
RemediationAI
Consult the BUFFALO vendor advisory at https://www.buffalo.jp/news/detail/20260323-01.html for model-specific patch availability and firmware update instructions. The JVN advisory at https://jvn.jp/en/jp/JVN83788689/ may provide additional remediation guidance. Until patching is possible, implement network segmentation to isolate Wi-Fi router management interfaces from untrusted networks, disable remote administration features if not required, restrict management interface access to trusted IP addresses only, and educate users with router admin access to avoid clicking suspicious links or visiting untrusted websites while authenticated to the router's administration panel. Consider deploying web filtering or browser isolation for users with administrative access to network infrastructure.
BUFFALO Wi-Fi router products allow unauthenticated remote attackers to bypass authentication mechanisms and modify crit
Remote OS command injection in BUFFALO Wi-Fi router products allows unauthenticated attackers to execute arbitrary opera
BUFFALO Wi-Fi router products contain hidden debugging functionality that permits authenticated attackers with high-leve
BUFFALO Wi-Fi router products lack authentication controls on a critical reboot function, allowing remote unauthenticate
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-16545
GHSA-vxrf-632h-2jj6