9.8
CRITICAL CVSS 3.1
CVE-2026-33280
Buffalo Wi-Fi Router OS Command Injection Vulnerability
Description

Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.

INFO

Published Date: March 27, 2026, 6:16 a.m.

Last Modified: March 31, 2026, 7:03 p.m.

Remotely Exploitable: Yes
Affected Products

The following products are affected by CVE-2026-33280. Even where cvefeed.io knows the exact affected versions, they are not shown in the table below.

ID Vendor Product
1 Buffalo wxr-1900dhp2_firmware
2 Buffalo wzr-600dhp_firmware
3 Buffalo wzr-900dhp_firmware
4 Buffalo wzr-600dhp2_firmware
5 Buffalo wrm-d2133hp_firmware
6 Buffalo wrm-d2133hs_firmware
7 Buffalo wtr-m2133hp_firmware
8 Buffalo wtr-m2133hs_firmware
9 Buffalo wxr-1900dhp_firmware
10 Buffalo wxr-1900dhp3_firmware
11 Buffalo wxr-5950ax12_firmware
12 Buffalo wxr-6000ax12b_firmware
13 Buffalo wxr-6000ax12s_firmware
14 Buffalo wzr-1750dhp2_firmware
15 Buffalo wem-1266_firmware
16 Buffalo wem-1266wp_firmware
17 Buffalo wxr-1750dhp_firmware
18 Buffalo wxr-1750dhp2_firmware
19 Buffalo wzr-1166dhp_firmware
20 Buffalo wzr-1166dhp2_firmware
21 Buffalo wzr-1750dhp_firmware
22 Buffalo wzr-600dhp3_firmware
23 Buffalo wzr-900dhp2_firmware
24 Buffalo wzr-s1750dhp_firmware
25 Buffalo wzr-s600dhp_firmware
26 Buffalo wzr-s900dhp_firmware
27 Buffalo wzr-900dhp2
28 Buffalo wzr-600dhp3
29 Buffalo wzr-s900dhp
30 Buffalo wzr-s600dhp
31 Buffalo wzr-900dhp
32 Buffalo wzr-600dhp2
33 Buffalo wxr-1750dhp
34 Buffalo wzr-600dhp
35 Buffalo wzr-1750dhp
36 Buffalo wzr-s1750dhp
37 Buffalo wzr-1750dhp2
38 Buffalo wzr-1166dhp2
39 Buffalo wxr-1900dhp
40 Buffalo wzr-1166dhp
41 Buffalo wxr-1900dhp2
42 Buffalo wrm-d2133hp
43 Buffalo wrm-d2133hs
44 Buffalo wtr-m2133hp
45 Buffalo wtr-m2133hs
46 Buffalo wxr-1900dhp3
47 Buffalo wxr-5950ax12
48 Buffalo wxr-6000ax12b
49 Buffalo wxr-6000ax12s
50 Buffalo wem-1266
51 Buffalo wem-1266wp
52 Buffalo wxr-1750dhp2
53 Buffalo wcr-1166dhpl_firmware
54 Buffalo wcr-1166dhpl
55 Buffalo wsr3600be4-kh_firmware
56 Buffalo wsr3600be4-kh
57 Buffalo wsr3600be4p_firmware
58 Buffalo wsr3600be4p
59 Buffalo wxr18000be10p_firmware
60 Buffalo wxr18000be10p
61 Buffalo wxr-6000ax12p_firmware
62 Buffalo wxr-6000ax12p
63 Buffalo vr-u300w_firmware
64 Buffalo vr-u300w
65 Buffalo vr-u500x_firmware
66 Buffalo vr-u500x
67 Buffalo wapm-1266r_firmware
68 Buffalo wapm-1266r
69 Buffalo wapm-1266wdpr_firmware
70 Buffalo wapm-1266wdpr
71 Buffalo wapm-1266wdpra_firmware
72 Buffalo wapm-1266wdpra
73 Buffalo wapm-1750d_firmware
74 Buffalo wapm-1750d
75 Buffalo wapm-2133r_firmware
76 Buffalo wapm-2133r
77 Buffalo wapm-2133tr_firmware
78 Buffalo wapm-2133tr
79 Buffalo wapm-ax4r_firmware
80 Buffalo wapm-ax4r
81 Buffalo wapm-ax8r_firmware
82 Buffalo wapm-ax8r
83 Buffalo wapm-axetr_firmware
84 Buffalo wapm-axetr
85 Buffalo waps-1266_firmware
86 Buffalo waps-1266
87 Buffalo waps-ax4_firmware
88 Buffalo waps-ax4
89 Buffalo fs-m1266_firmware
90 Buffalo fs-m1266
91 Buffalo fs-s1266_firmware
92 Buffalo fs-s1266
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and display CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.0 HIGH ede6fdc4-6654-4307-a26d-3331c018e2ce
CVSS 3.0 HIGH [email protected]
CVSS 3.0 HIGH MITRE-CVE
CVSS 3.1 CRITICAL [email protected]
CVSS 4.0 HIGH ede6fdc4-6654-4307-a26d-3331c018e2ce
CVSS 4.0 HIGH [email protected]
Solution
Update router firmware to remove hidden debugging functionality and prevent OS command execution.
  • Update router firmware to the latest version.
  • Disable unused debugging features.
  • Restrict access to administrative interfaces.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-33280.

URL Resource
https://jvn.jp/en/jp/JVN83788689/ Third Party Advisory
https://www.buffalo.jp/news/detail/20260323-01.html Vendor Advisory
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-33280 is associated with the following CWEs:

The following table lists the changes that have been made to the CVE-2026-33280 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Mar. 31, 2026

    Action Type Old Value New Value
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wcr-1166dhpl_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.01 OR cpe:2.3:h:buffalo:wcr-1166dhpl:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wsr3600be4-kh_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.02 OR cpe:2.3:h:buffalo:wsr3600be4-kh:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wsr3600be4p_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.02 OR cpe:2.3:h:buffalo:wsr3600be4p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr-1750dhp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.63 OR cpe:2.3:h:buffalo:wxr-1750dhp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr-1750dhp2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.63 OR cpe:2.3:h:buffalo:wxr-1750dhp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr18000be10p_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.03 OR cpe:2.3:h:buffalo:wxr18000be10p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr-1900dhp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.53 OR cpe:2.3:h:buffalo:wxr-1900dhp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.62 OR cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr-1900dhp3_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.66 OR cpe:2.3:h:buffalo:wxr-1900dhp3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr-5950ax12_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.57 OR cpe:2.3:h:buffalo:wxr-5950ax12:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr-6000ax12b_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.57 OR cpe:2.3:h:buffalo:wxr-6000ax12b:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr-6000ax12p_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.57 OR cpe:2.3:h:buffalo:wxr-6000ax12p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wxr-6000ax12s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.57 OR cpe:2.3:h:buffalo:wxr-6000ax12s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-1166dhp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.20 OR cpe:2.3:h:buffalo:wzr-1166dhp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-1166dhp2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.20 OR cpe:2.3:h:buffalo:wzr-1166dhp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-1750dhp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.32 OR cpe:2.3:h:buffalo:wzr-1750dhp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.33 OR cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-s1750dhp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.34 OR cpe:2.3:h:buffalo:wzr-s1750dhp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wrm-d2133hp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.01 OR cpe:2.3:h:buffalo:wrm-d2133hp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wrm-d2133hs_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.01 OR cpe:2.3:h:buffalo:wrm-d2133hs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wtr-m2133hp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.01 OR cpe:2.3:h:buffalo:wtr-m2133hp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wtr-m2133hs_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.01 OR cpe:2.3:h:buffalo:wtr-m2133hs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wem-1266_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.87 OR cpe:2.3:h:buffalo:wem-1266:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wem-1266wp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.87 OR cpe:2.3:h:buffalo:wem-1266wp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:vr-u300w_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:vr-u300w:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:vr-u500x_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:vr-u500x:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wapm-1266r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:wapm-1266r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wapm-1266wdpr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:wapm-1266wdpr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wapm-1266wdpra_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:wapm-1266wdpra:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wapm-1750d_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.07 OR cpe:2.3:h:buffalo:wapm-1750d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wapm-2133r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:wapm-2133r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wapm-2133tr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:wapm-2133tr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wapm-ax4r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:wapm-ax4r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wapm-ax8r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:wapm-ax8r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wapm-axetr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:wapm-axetr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:waps-1266_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:waps-1266:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:waps-ax4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.42 OR cpe:2.3:h:buffalo:waps-ax4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:fs-m1266_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.13 OR cpe:2.3:h:buffalo:fs-m1266:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:fs-s1266_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.13 OR cpe:2.3:h:buffalo:fs-s1266:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-600dhp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-600dhp2_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-600dhp3_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-900dhp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-900dhp2_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-s600dhp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:buffalo:wzr-s900dhp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*
    Added Reference Type JPCERT/CC: https://jvn.jp/en/jp/JVN83788689/ Types: Third Party Advisory
    Added Reference Type JPCERT/CC: https://www.buffalo.jp/news/detail/20260323-01.html Types: Vendor Advisory
  • New CVE Received by [email protected]

    Mar. 27, 2026

    Action Type Old Value New Value
    Added Description Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.
    Added CVSS V4.0 AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CVSS V3 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
    Added CWE CWE-912
    Added Reference https://jvn.jp/en/jp/JVN83788689/
    Added Reference https://www.buffalo.jp/news/detail/20260323-01.html