CVE-2026-27650
Summary
| CVE | CVE-2026-27650 |
|---|---|
| State | PUBLISHED |
| Assigner | jpcert |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-03-27 06:16:38 UTC |
| Updated | 2026-03-31 19:04:01 UTC |
| Description | OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products. |
Risk And Classification
Primary CVSS: v4.0 8.6 HIGH from [email protected]
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS: 0.000630000 probability, percentile 0.195720000 (date 2026-04-01)
Problem Types: CWE-78 | CWE-78 Improper neutralization of special elements used in an OS command ('OS Command Injection')
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | [email protected] | Secondary | 8.6 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/C... |
| 4.0 | CNA | CVSS | 8.6 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| 3.1 | [email protected] | Primary | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.0 | [email protected] | Secondary | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 3.0 | CNA | CVSS | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CVSS v4.0 Breakdown
Attack Vector
NetworkAttack Complexity
LowAttack Requirements
NonePrivileges Required
NoneUser Interaction
ActiveConfidentiality
HighIntegrity
HighAvailability
HighSub Conf.
NoneSub Integrity
NoneSub Availability
NoneCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v3.0 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
RequiredScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Buffalo | Fs-m1266 | - | All | All | All |
| Operating System | Buffalo | Fs-m1266 Firmware | All | All | All | All |
| Hardware | Buffalo | Fs-s1266 | - | All | All | All |
| Operating System | Buffalo | Fs-s1266 Firmware | All | All | All | All |
| Hardware | Buffalo | Vr-u300w | - | All | All | All |
| Operating System | Buffalo | Vr-u300w Firmware | All | All | All | All |
| Hardware | Buffalo | Vr-u500x | - | All | All | All |
| Operating System | Buffalo | Vr-u500x Firmware | All | All | All | All |
| Hardware | Buffalo | Wapm-1266r | - | All | All | All |
| Operating System | Buffalo | Wapm-1266r Firmware | All | All | All | All |
| Hardware | Buffalo | Wapm-1266wdpr | - | All | All | All |
| Hardware | Buffalo | Wapm-1266wdpra | - | All | All | All |
| Operating System | Buffalo | Wapm-1266wdpra Firmware | All | All | All | All |
| Operating System | Buffalo | Wapm-1266wdpr Firmware | All | All | All | All |
| Hardware | Buffalo | Wapm-1750d | - | All | All | All |
| Operating System | Buffalo | Wapm-1750d Firmware | All | All | All | All |
| Hardware | Buffalo | Wapm-2133r | - | All | All | All |
| Operating System | Buffalo | Wapm-2133r Firmware | All | All | All | All |
| Hardware | Buffalo | Wapm-2133tr | - | All | All | All |
| Operating System | Buffalo | Wapm-2133tr Firmware | All | All | All | All |
| Hardware | Buffalo | Wapm-ax4r | - | All | All | All |
| Operating System | Buffalo | Wapm-ax4r Firmware | All | All | All | All |
| Hardware | Buffalo | Wapm-ax8r | - | All | All | All |
| Operating System | Buffalo | Wapm-ax8r Firmware | All | All | All | All |
| Hardware | Buffalo | Wapm-axetr | - | All | All | All |
| Operating System | Buffalo | Wapm-axetr Firmware | All | All | All | All |
| Hardware | Buffalo | Waps-1266 | - | All | All | All |
| Operating System | Buffalo | Waps-1266 Firmware | All | All | All | All |
| Hardware | Buffalo | Waps-ax4 | - | All | All | All |
| Operating System | Buffalo | Waps-ax4 Firmware | All | All | All | All |
| Hardware | Buffalo | Wcr-1166dhpl | - | All | All | All |
| Operating System | Buffalo | Wcr-1166dhpl Firmware | All | All | All | All |
| Hardware | Buffalo | Wem-1266 | - | All | All | All |
| Hardware | Buffalo | Wem-1266wp | - | All | All | All |
| Operating System | Buffalo | Wem-1266wp Firmware | All | All | All | All |
| Operating System | Buffalo | Wem-1266 Firmware | All | All | All | All |
| Hardware | Buffalo | Wrm-d2133hp | - | All | All | All |
| Operating System | Buffalo | Wrm-d2133hp Firmware | All | All | All | All |
| Hardware | Buffalo | Wrm-d2133hs | - | All | All | All |
| Operating System | Buffalo | Wrm-d2133hs Firmware | All | All | All | All |
| Hardware | Buffalo | Wsr3600be4-kh | - | All | All | All |
| Operating System | Buffalo | Wsr3600be4-kh Firmware | All | All | All | All |
| Hardware | Buffalo | Wsr3600be4p | - | All | All | All |
| Operating System | Buffalo | Wsr3600be4p Firmware | All | All | All | All |
| Hardware | Buffalo | Wtr-m2133hp | - | All | All | All |
| Operating System | Buffalo | Wtr-m2133hp Firmware | All | All | All | All |
| Hardware | Buffalo | Wtr-m2133hs | - | All | All | All |
| Operating System | Buffalo | Wtr-m2133hs Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-1750dhp | - | All | All | All |
| Hardware | Buffalo | Wxr-1750dhp2 | - | All | All | All |
| Operating System | Buffalo | Wxr-1750dhp2 Firmware | All | All | All | All |
| Operating System | Buffalo | Wxr-1750dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-1900dhp | - | All | All | All |
| Hardware | Buffalo | Wxr-1900dhp2 | - | All | All | All |
| Operating System | Buffalo | Wxr-1900dhp2 Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-1900dhp3 | - | All | All | All |
| Operating System | Buffalo | Wxr-1900dhp3 Firmware | All | All | All | All |
| Operating System | Buffalo | Wxr-1900dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-5950ax12 | - | All | All | All |
| Operating System | Buffalo | Wxr-5950ax12 Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-6000ax12b | - | All | All | All |
| Operating System | Buffalo | Wxr-6000ax12b Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-6000ax12p | - | All | All | All |
| Operating System | Buffalo | Wxr-6000ax12p Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr-6000ax12s | - | All | All | All |
| Operating System | Buffalo | Wxr-6000ax12s Firmware | All | All | All | All |
| Hardware | Buffalo | Wxr18000be10p | - | All | All | All |
| Operating System | Buffalo | Wxr18000be10p Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-1166dhp | - | All | All | All |
| Hardware | Buffalo | Wzr-1166dhp2 | - | All | All | All |
| Operating System | Buffalo | Wzr-1166dhp2 Firmware | All | All | All | All |
| Operating System | Buffalo | Wzr-1166dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-1750dhp | - | All | All | All |
| Hardware | Buffalo | Wzr-1750dhp2 | - | All | All | All |
| Operating System | Buffalo | Wzr-1750dhp2 Firmware | All | All | All | All |
| Operating System | Buffalo | Wzr-1750dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-600dhp | - | All | All | All |
| Hardware | Buffalo | Wzr-600dhp2 | - | All | All | All |
| Operating System | Buffalo | Wzr-600dhp2 Firmware | - | All | All | All |
| Hardware | Buffalo | Wzr-600dhp3 | - | All | All | All |
| Operating System | Buffalo | Wzr-600dhp3 Firmware | - | All | All | All |
| Operating System | Buffalo | Wzr-600dhp Firmware | - | All | All | All |
| Hardware | Buffalo | Wzr-900dhp | - | All | All | All |
| Hardware | Buffalo | Wzr-900dhp2 | - | All | All | All |
| Operating System | Buffalo | Wzr-900dhp2 Firmware | - | All | All | All |
| Operating System | Buffalo | Wzr-900dhp Firmware | - | All | All | All |
| Hardware | Buffalo | Wzr-s1750dhp | - | All | All | All |
| Operating System | Buffalo | Wzr-s1750dhp Firmware | All | All | All | All |
| Hardware | Buffalo | Wzr-s600dhp | - | All | All | All |
| Operating System | Buffalo | Wzr-s600dhp Firmware | - | All | All | All |
| Hardware | Buffalo | Wzr-s900dhp | - | All | All | All |
| Operating System | Buffalo | Wzr-s900dhp Firmware | - | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | BUFFALO INC. | BUFFALO Wi-Fi Router Products | affected See "References" section | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| jvn.jp/en/jp/JVN83788689 | [email protected] | jvn.jp | Third Party Advisory |
| www.buffalo.jp/news/detail/20260323-01.html | [email protected] | www.buffalo.jp | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.