Buffalo Wi Fi Router Products
Monthly
BUFFALO Wi-Fi router products lack authentication controls on a critical reboot function, allowing remote unauthenticated attackers to forcibly restart affected devices over the network. The vulnerability affects multiple BUFFALO router product lines across unspecified versions. While the CVSS score of 5.3 reflects moderate severity, the attack requires no credentials, no user interaction, and can be executed remotely with low complexity, making it operationally exploitable for denial-of-service attacks against networked BUFFALO routers. No public exploit code or confirmed active exploitation has been identified at the time of analysis.
BUFFALO Wi-Fi router products contain hidden debugging functionality that permits authenticated attackers with high-level privileges to execute arbitrary operating system commands remotely. The vulnerability affects an unspecified range of BUFFALO's router lineup and carries a CVSS score of 7.2, requiring high privileges (PR:H) but low attack complexity over the network. No public exploit identified at time of analysis, and EPSS data is not provided in available intelligence.
BUFFALO Wi-Fi router products allow unauthenticated remote attackers to bypass authentication mechanisms and modify critical configuration settings without valid credentials. This CWE-288 authentication bypass vulnerability affects BUFFALO Wi-Fi router product lines (CVSS 7.5, High severity) and enables complete compromise of device integrity. No public exploit identified at time of analysis, though the network-accessible attack surface and low complexity (AV:N/AC:L/PR:N) increase exposure risk for internet-facing devices.
BUFFALO Wi-Fi router products allow remote code execution through a code injection vulnerability requiring user interaction. An unauthenticated attacker (CVSS PR:N) can execute arbitrary code on affected devices with high impact to confidentiality, integrity, and availability (CVSS 8.8). The vulnerability was disclosed through JVN and BUFFALO's official advisory, with no public exploit identified at time of analysis.
Remote OS command injection in BUFFALO Wi-Fi router products allows unauthenticated attackers to execute arbitrary operating system commands with user interaction required. The vulnerability affects multiple BUFFALO Wi-Fi router models as confirmed by CPE designation and carries a CVSS score of 8.8 (High severity). While attack complexity is low and no privileges are required, successful exploitation depends on user interaction, reducing immediate attack surface. No public exploit identified at time of analysis, and exploitation probability metrics are not available in provided intelligence.
BUFFALO Wi-Fi router products lack authentication controls on a critical reboot function, allowing remote unauthenticated attackers to forcibly restart affected devices over the network. The vulnerability affects multiple BUFFALO router product lines across unspecified versions. While the CVSS score of 5.3 reflects moderate severity, the attack requires no credentials, no user interaction, and can be executed remotely with low complexity, making it operationally exploitable for denial-of-service attacks against networked BUFFALO routers. No public exploit code or confirmed active exploitation has been identified at the time of analysis.
BUFFALO Wi-Fi router products contain hidden debugging functionality that permits authenticated attackers with high-level privileges to execute arbitrary operating system commands remotely. The vulnerability affects an unspecified range of BUFFALO's router lineup and carries a CVSS score of 7.2, requiring high privileges (PR:H) but low attack complexity over the network. No public exploit identified at time of analysis, and EPSS data is not provided in available intelligence.
BUFFALO Wi-Fi router products allow unauthenticated remote attackers to bypass authentication mechanisms and modify critical configuration settings without valid credentials. This CWE-288 authentication bypass vulnerability affects BUFFALO Wi-Fi router product lines (CVSS 7.5, High severity) and enables complete compromise of device integrity. No public exploit identified at time of analysis, though the network-accessible attack surface and low complexity (AV:N/AC:L/PR:N) increase exposure risk for internet-facing devices.
BUFFALO Wi-Fi router products allow remote code execution through a code injection vulnerability requiring user interaction. An unauthenticated attacker (CVSS PR:N) can execute arbitrary code on affected devices with high impact to confidentiality, integrity, and availability (CVSS 8.8). The vulnerability was disclosed through JVN and BUFFALO's official advisory, with no public exploit identified at time of analysis.
Remote OS command injection in BUFFALO Wi-Fi router products allows unauthenticated attackers to execute arbitrary operating system commands with user interaction required. The vulnerability affects multiple BUFFALO Wi-Fi router models as confirmed by CPE designation and carries a CVSS score of 8.8 (High severity). While attack complexity is low and no privileges are required, successful exploitation depends on user interaction, reducing immediate attack surface. No public exploit identified at time of analysis, and exploitation probability metrics are not available in provided intelligence.