← Back

Buffalotech

buffalotech

12 CVEs • 66 products

Products (66)

Click to collapse
Toggle
Wnc01wh Firmware
wnc01wh_firmware
6 CVEs
Whr 300hp2 Firmware
whr-300hp2_firmware
3 CVEs
Whr 1166dhp Firmware
whr-1166dhp_firmware
3 CVEs
Bhr 4grv2 Firmware
bhr-4grv2_firmware
3 CVEs
Wmr 300 Firmware
wmr-300_firmware
3 CVEs
Wex 300 Firmware
wex-300_firmware
3 CVEs
Whr 600d Firmware
whr-600d_firmware
3 CVEs
Wmr 433 Firmware
wmr-433_firmware
2 CVEs
Wsr 1166dhp Firmware
wsr-1166dhp_firmware
2 CVEs
Airstation Whr G54s
airstation_whr-g54s
1 CVE
Bbr 4hg Firmware
bbr-4hg_firmware
1 CVE
Bbr 4mg Firmware
bbr-4mg_firmware
1 CVE
Bhr 4rv Firmware
bhr-4rv_firmware
1 CVE
Fs G54 Firmware
fs-g54_firmware
1 CVE
Wer A54g54 Firmware
wer-a54g54_firmware
1 CVE
Wer Ag54 Firmware
wer-ag54_firmware
1 CVE
Wer Am54g54 Firmware
wer-am54g54_firmware
1 CVE
Wer Amg54 Firmware
wer-amg54_firmware
1 CVE
Whr Am54g54 Firmware
whr-am54g54_firmware
1 CVE
Whr Amg54 Firmware
whr-amg54_firmware
1 CVE
Whr Ampg Firmware
whr-ampg_firmware
1 CVE
Whr G Firmware
whr-g_firmware
1 CVE
Whr G54s Firmware
whr-g54s_firmware
1 CVE
Whr Hp Ampg Firmware
whr-hp-ampg_firmware
1 CVE
Whr Hp G Firmware
whr-hp-g_firmware
1 CVE
Whr Hp G54 Firmware
whr-hp-g54_firmware
1 CVE
Wzr Ampg144nh Firmware
wzr-ampg144nh_firmware
1 CVE
Wzr Ampg300nh Firmware
wzr-ampg300nh_firmware
1 CVE
Wzr G144n Firmware
wzr-g144n_firmware
1 CVE
Wzr G144nh Firmware
wzr-g144nh_firmware
1 CVE
Wzr2 G300n Firmware
wzr2-g300n_firmware
1 CVE
As 100
as-100
1 CVE
Bbr 4hg
bbr-4hg
1 CVE
Bbr 4mg
bbr-4mg
1 CVE
Bhr 4rv
bhr-4rv
1 CVE
Fs G54
fs-g54
1 CVE
Wer A54g54
wer-a54g54
1 CVE
Wer Ag54
wer-ag54
1 CVE
Wer Am54g54
wer-am54g54
1 CVE
Wer Amg54
wer-amg54
1 CVE
Whr Am54g54
whr-am54g54
1 CVE
Whr Amg54
whr-amg54
1 CVE
Whr Ampg
whr-ampg
1 CVE
Whr G
whr-g
1 CVE
Whr G54s
whr-g54s
1 CVE
Whr Hp Ampg
whr-hp-ampg
1 CVE
Whr Hp G
whr-hp-g
1 CVE
Whr Hp G54
whr-hp-g54
1 CVE
Wzr Ampg144nh
wzr-ampg144nh
1 CVE
Wzr Ampg300nh
wzr-ampg300nh
1 CVE
Wzr G144n
wzr-g144n
1 CVE
Wzr G144nh
wzr-g144nh
1 CVE
Wzr2 G300n
wzr2-g300n
1 CVE
Wsr 600dhp Firmware
wsr-600dhp_firmware
1 CVE
Airstation Extreme N600 Firmware
airstation_extreme_n600_firmware
1 CVE
Airstation Extreme N600
airstation_extreme_n600
1 CVE
Wsr 600dhp
wsr-600dhp
0 CVEs
Whr 300hp2
whr-300hp2
0 CVEs
Whr 1166dhp
whr-1166dhp
0 CVEs
Bhr 4grv2
bhr-4grv2
0 CVEs
Wmr 300
wmr-300
0 CVEs
Wex 300
wex-300
0 CVEs
Whr 600d
whr-600d
0 CVEs
Wmr 433
wmr-433
0 CVEs
Wsr 1166dhp
wsr-1166dhp
0 CVEs
Wnc01wh
wnc01wh
0 CVEs

CVEs (12)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-7826
1Buffalotech
1Wnc01wh Firmware
May 13, 2026
Jun 9, 2017
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.
CVE-2016-7825
1Buffalotech
1Wnc01wh Firmware
May 13, 2026
Jun 9, 2017
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.
CVE-2016-7824
1Buffalotech
1Wnc01wh Firmware
May 13, 2026
Jun 9, 2017
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors.
CVE-2016-7823
1Buffalotech
1Wnc01wh Firmware
May 13, 2026
Jun 9, 2017
N/A· v4
4.3 MEDIUM· v3
2.3 LOW· v2
Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-7822
1Buffalotech
1Wnc01wh Firmware
May 13, 2026
Jun 9, 2017
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operatio...Show more
Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors.Show less
CVE-2016-7821
1Buffalotech
1Wnc01wh Firmware
May 13, 2026
Jun 9, 2017
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors.
CVE-2016-1135
1Buffalotech
8Bhr 4grv2 Firmware
Wex 300 FirmwareWhr 1166dhp Firmware+5 more
May 6, 2026
Jan 22, 2016
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices...Show more
Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices with firmware 1.90 and earlier, WMR-300 devices with firmware 1.90 and earlier, WMR-433 devices with firmware 1.01 and earlier, and WSR-1166DHP devices with firmware 1.01 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2016-1134
1Buffalotech
8Bhr 4grv2 Firmware
Wex 300 FirmwareWhr 1166dhp Firmware+5 more
May 6, 2026
Jan 22, 2016
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2...Show more
Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices with firmware 1.90 and earlier, WMR-300 devices with firmware 1.90 and earlier, WMR-433 devices with firmware 1.01 and earlier, and WSR-1166DHP devices with firmware 1.01 and earlier allows remote attackers to hijack the authentication of arbitrary users.Show less
CVE-2015-8262
1Buffalotech
2Airstation Extreme N600
Airstation Extreme N600 Firmware
May 6, 2026
Dec 27, 2015
N/A· v4
6.8 MEDIUM· v3
5.0 MEDIUM· v2
Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predictin...Show more
Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.Show less
CVE-2014-9284
1Buffalotech
7Bhr 4grv2 Firmware
Wex 300 FirmwareWhr 1166dhp Firmware+4 more
May 6, 2026
Jun 9, 2015
N/A· v4
N/A· v3
7.7 HIGH· v2
The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 and earlier routers al...Show more
The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 and earlier routers allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.Show less
CVE-2011-1324
1Buffalotech
43As 100
Bbr 4hgBbr 4hg Firmware+40 more
Apr 29, 2026
May 9, 2011
N/A· v4
N/A· v3
5.8 MEDIUM· v2
Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 route...Show more
Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for requests that modify settings, as demonstrated by changing the login password.Show less
CVE-2007-4822
1Buffalotech
1Airstation Whr G54s
Apr 23, 2026
Sep 11, 2007
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certai...Show more
Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html.Show less