CVE-2026-32678
high-risk
Published 2026-03-27
Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.
Do I need to act?
-
0.09% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (20)
Wzr-S900Dhp Firmware
Wcr-1166Dhpl Firmware
Wsr3600Be4-Kh Firmware
Wsr3600Be4P Firmware
Wxr-1750Dhp Firmware
Wxr-1750Dhp2 Firmware
Wxr18000Be10P Firmware
Wxr-1900Dhp Firmware
Wxr-1900Dhp2 Firmware
Wxr-1900Dhp3 Firmware
Wxr-5950Ax12 Firmware
Wxr-6000Ax12B Firmware
Wxr-6000Ax12P Firmware
Wxr-6000Ax12S Firmware
Wzr-1166Dhp Firmware
Wzr-1166Dhp2 Firmware
Wzr-1750Dhp Firmware
Wzr-1750Dhp2 Firmware
Wzr-S1750Dhp Firmware
Wrm-D2133Hp Firmware
Affected Vendors
References (2)
Third Party Advisory
https://jvn.jp/en/jp/JVN83788689/
Vendor Advisory
https://www.buffalo.jp/news/detail/20260323-01.html
51
/ 100
high-risk
Severity
26/34 · High
Exploitability
0/34 · Minimal
Exposure
25/34 · High