CVE-2022-40966
Summary
| CVE | CVE-2022-40966 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-12-07 10:15:00 UTC |
| Updated | 2022-12-13 17:13:00 UTC |
| Description | Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Buffalo | Bhr-4grv | - | All | All | All |
| Operating System | Buffalo | Bhr-4grv Firmware | All | All | All | All |
| Hardware | Buffalo | Dwr-hp-g300nh | - | All | All | All |
| Operating System | Buffalo | Dwr-hp-g300nh Firmware | All | All | All | All |
| Hardware | Buffalo | Dwr-pg | - | All | All | All |
| Operating System | Buffalo | Dwr-pg Firmware | All | All | All | All |
| Hardware | Buffalo | Fs-600dhp | - | All | All | All |
| Operating System | Buffalo | Fs-600dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Fs-g300n | - | All | All | All |
| Operating System | Buffalo | Fs-g300n Firmware | All | All | All | All |
| Hardware | Buffalo | Fs-hp-g300n | - | All | All | All |
| Operating System | Buffalo | Fs-hp-g300n Firmware | All | All | All | All |
| Hardware | Buffalo | Fs-r600dhp | - | All | All | All |
| Operating System | Buffalo | Fs-r600dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Hw-450hp-zwe | - | All | All | All |
| Operating System | Buffalo | Hw-450hp-zwe Firmware | All | All | All | All |
| Hardware | Buffalo | Wcr-300 | - | All | All | All |
| Operating System | Buffalo | Wcr-300 Firmware | All | All | All | All |
| Hardware | Buffalo | Wem-1266 | - | All | All | All |
| Hardware | Buffalo | Wem-1266wp | - | All | All | All |
| Operating System | Buffalo | Wem-1266wp Firmware | All | All | All | All |
| Operating System | Buffalo | Wem-1266 Firmware | All | All | All | All |
| Hardware | Buffalo | Wer-a54g54 | - | All | All | All |
| Operating System | Buffalo | Wer-a54g54 Firmware | All | All | All | All |
| Hardware | Buffalo | Wer-ag54 | - | All | All | All |
| Operating System | Buffalo | Wer-ag54 Firmware | All | All | All | All |
| Hardware | Buffalo | Wer-am54g54 | - | All | All | All |
| Operating System | Buffalo | Wer-am54g54 Firmware | All | All | All | All |
| Hardware | Buffalo | Wer-amg54 | - | All | All | All |
| Operating System | Buffalo | Wer-amg54 Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-300 | - | All | All | All |
| Hardware | Buffalo | Whr-300hp | - | All | All | All |
| Operating System | Buffalo | Whr-300hp Firmware | All | All | All | All |
| Operating System | Buffalo | Whr-300 Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-am54g54 | - | All | All | All |
| Operating System | Buffalo | Whr-am54g54 Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-amg54 | - | All | All | All |
| Operating System | Buffalo | Whr-amg54 Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-ampg | - | All | All | All |
| Operating System | Buffalo | Whr-ampg Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-g | - | All | All | All |
| Hardware | Buffalo | Whr-g300n | - | All | All | All |
| Operating System | Buffalo | Whr-g300n Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-g301n | - | All | All | All |
| Operating System | Buffalo | Whr-g301n Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-g54s | - | All | All | All |
| Hardware | Buffalo | Whr-g54s-ni | - | All | All | All |
| Operating System | Buffalo | Whr-g54s-ni Firmware | All | All | All | All |
| Operating System | Buffalo | Whr-g54s Firmware | All | All | All | All |
| Operating System | Buffalo | Whr-g Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-hp-ampg | - | All | All | All |
| Operating System | Buffalo | Whr-hp-ampg Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-hp-g | - | All | All | All |
| Hardware | Buffalo | Whr-hp-g300n | - | All | All | All |
| Operating System | Buffalo | Whr-hp-g300n Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-hp-g54 | - | All | All | All |
| Operating System | Buffalo | Whr-hp-g54 Firmware | All | All | All | All |
| Hardware | Buffalo | Whr-hp-gn | - | All | All | All |
| Operating System | Buffalo | Whr-hp-gn Firmware | All | All | All | All |
| Operating System | Buffalo | Whr-hp-g Firmware | All | All | All | All |
| Hardware | Buffalo | Wlae-ag300n | - | All | All | All |
| Operating System | Buffalo | Wlae-ag300n Firmware | All | All | All | All |
| Hardware | Buffalo | Wli-h4-d600 | - | All | All | All |
| Operating System | Buffalo | Wli-h4-d600 Firmware | All | All | All | All |
| Hardware | Buffalo | Wpl-05g300 | - | All | All | All |
| Operating System | Buffalo | Wpl-05g300 Firmware | All | All | All | All |
| Hardware | Buffalo | Wrm-d2133hp | - | All | All | All |
| Operating System | Buffalo | Wrm-d2133hp Firmware | All | All | All | All |
| Hardware | Buffalo | Wrm-d2133hs | - | All | All | All |
| Operating System | Buffalo | Wrm-d2133hs Firmware | All | All | All | All |
| Hardware | Buffalo | Ws024bf | - | All | All | All |
| Hardware | Buffalo | Ws024bf-nw | - | All | All | All |
| Operating System | Buffalo | Ws024bf-nw Firmware | All | All | All | All |
| Operating System | Buffalo | Ws024bf Firmware | All | All | All | All |
| Hardware | Buffalo | Wtr-m2133hp | - | All | All | All |
| Operating System | Buffalo | Wtr-m2133hp Firmware | All | All | All | All |
| Hardware | Buffalo | Wtr-m2133hs | - | All | All | All |
| Operating System | Buffalo | Wtr-m2133hs Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-1750dhp | - | All | All | All |
| Hardware | Buffalo | Wxr-1750dhp2 | - | All | All | All |
| Operating System | Buffalo | Wxr-1750dhp2 Firmware | All | All | All | All |
| Operating System | Buffalo | Wxr-1750dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-1900dhp | - | All | All | All |
| Hardware | Buffalo | Wxr-1900dhp2 | - | All | All | All |
| Operating System | Buffalo | Wxr-1900dhp2 Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-1900dhp3 | - | All | All | All |
| Operating System | Buffalo | Wxr-1900dhp3 Firmware | All | All | All | All |
| Operating System | Buffalo | Wxr-1900dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-5950ax12 | - | All | All | All |
| Operating System | Buffalo | Wxr-5950ax12 Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-6000ax12b | - | All | All | All |
| Operating System | Buffalo | Wxr-6000ax12b Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-6000ax12s | - | All | All | All |
| Operating System | Buffalo | Wxr-6000ax12s Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-1166dhp | - | All | All | All |
| Hardware | Buffalo | Wzr-1166dhp2 | - | All | All | All |
| Operating System | Buffalo | Wzr-1166dhp2 Firmware | All | All | All | All |
| Operating System | Buffalo | Wzr-1166dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-1750dhp | - | All | All | All |
| Hardware | Buffalo | Wzr-1750dhp2 | - | All | All | All |
| Operating System | Buffalo | Wzr-1750dhp2 Firmware | All | All | All | All |
| Operating System | Buffalo | Wzr-1750dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-300hp | - | All | All | All |
| Operating System | Buffalo | Wzr-300hp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-450hp | - | All | All | All |
| Hardware | Buffalo | Wzr-450hp-cwt | - | All | All | All |
| Operating System | Buffalo | Wzr-450hp-cwt Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-450hp-ub | - | All | All | All |
| Operating System | Buffalo | Wzr-450hp-ub Firmware | All | All | All | All |
| Operating System | Buffalo | Wzr-450hp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-600dhp | - | All | All | All |
| Hardware | Buffalo | Wzr-600dhp2 | - | All | All | All |
| Operating System | Buffalo | Wzr-600dhp2 Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-600dhp3 | - | All | All | All |
| Operating System | Buffalo | Wzr-600dhp3 Firmware | All | All | All | All |
| Operating System | Buffalo | Wzr-600dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-900dhp | - | All | All | All |
| Hardware | Buffalo | Wzr-900dhp2 | - | All | All | All |
| Operating System | Buffalo | Wzr-900dhp2 Firmware | All | All | All | All |
| Operating System | Buffalo | Wzr-900dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-agl300nh | - | All | All | All |
| Operating System | Buffalo | Wzr-agl300nh Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-ampg144nh | - | All | All | All |
| Operating System | Buffalo | Wzr-ampg144nh Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-ampg300nh | - | All | All | All |
| Operating System | Buffalo | Wzr-ampg300nh Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-d1100h | - | All | All | All |
| Operating System | Buffalo | Wzr-d1100h Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-g144n | - | All | All | All |
| Hardware | Buffalo | Wzr-g144nh | - | All | All | All |
| Operating System | Buffalo | Wzr-g144nh Firmware | All | All | All | All |
| Operating System | Buffalo | Wzr-g144n Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-hp-ag300h | - | All | All | All |
| Operating System | Buffalo | Wzr-hp-ag300h Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-hp-g300nh | - | All | All | All |
| Operating System | Buffalo | Wzr-hp-g300nh Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-hp-g301nh | - | All | All | All |
| Operating System | Buffalo | Wzr-hp-g301nh Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-hp-g302h | - | All | All | All |
| Operating System | Buffalo | Wzr-hp-g302h Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-hp-g450h | - | All | All | All |
| Operating System | Buffalo | Wzr-hp-g450h Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-s1750dhp | - | All | All | All |
| Operating System | Buffalo | Wzr-s1750dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-s600dhp | - | All | All | All |
| Operating System | Buffalo | Wzr-s600dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-s900dhp | - | All | All | All |
| Operating System | Buffalo | Wzr-s900dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr2-g300n | - | All | All | All |
| Operating System | Buffalo | Wzr2-g300n Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| JVNVU#92805279: Multiple vulnerabilities in Buffalo network devices | MISC | jvn.jp | |
| www.buffalo.jp/news/detail/20221003-01.html | MISC | www.buffalo.jp | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.