Vulnerability Description
Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Buffalo | Wzr-S900Dhp Firmware | - |
| Buffalo | Wzr-S900Dhp | - |
| Buffalo | Wcr-1166Dhpl Firmware | < 1.01 |
| Buffalo | Wcr-1166Dhpl | - |
| Buffalo | Wsr3600Be4-Kh Firmware | < 6.02 |
| Buffalo | Wsr3600Be4-Kh | - |
| Buffalo | Wsr3600Be4P Firmware | < 5.02 |
| Buffalo | Wsr3600Be4P | - |
| Buffalo | Wxr-1750Dhp Firmware | < 2.63 |
| Buffalo | Wxr-1750Dhp | - |
| Buffalo | Wxr-1750Dhp2 Firmware | < 2.63 |
| Buffalo | Wxr-1750Dhp2 | - |
| Buffalo | Wxr18000Be10P Firmware | < 5.03 |
| Buffalo | Wxr18000Be10P | - |
| Buffalo | Wxr-1900Dhp Firmware | < 2.53 |
| Buffalo | Wxr-1900Dhp | - |
| Buffalo | Wxr-1900Dhp2 Firmware | < 2.62 |
| Buffalo | Wxr-1900Dhp2 | - |
| Buffalo | Wxr-1900Dhp3 Firmware | < 2.66 |
| Buffalo | Wxr-1900Dhp3 | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN83788689/Third Party Advisory
- https://www.buffalo.jp/news/detail/20260323-01.htmlVendor Advisory
FAQ
What is CVE-2026-32678?
CVE-2026-32678 is a vulnerability with a CVSS score of 7.5 (HIGH). Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.
How severe is CVE-2026-32678?
CVE-2026-32678 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-32678?
Check the references section above for vendor advisories and patch information. Affected products include: Buffalo Wzr-S900Dhp Firmware, Buffalo Wzr-S900Dhp, Buffalo Wcr-1166Dhpl Firmware, Buffalo Wcr-1166Dhpl, Buffalo Wsr3600Be4-Kh Firmware.