CVE-2022-40966 Information
Description
Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier WHR-HP-G300N firmware Ver. 2.00 and earlier WHR-HP-GN firmware Ver. 1.87 and earlier WPL-05G300 firmware Ver. 1.88 and earlier WRM-D2133HP firmware Ver. 2.85 and earlier WRM-D2133HS firmware Ver. 2.96 and earlier WTR-M2133HP firmware Ver. 2.85 and earlier WTR-M2133HS firmware Ver. 2.96 and earlier WXR-1900DHP firmware Ver. 2.50 and earlier WXR-1900DHP2 firmware Ver. 2.59 and earlier WXR-1900DHP3 firmware Ver. 2.63 and earlier WXR-5950AX12 firmware Ver. 3.40 and earlier WXR-6000AX12B firmware Ver. 3.40 and earlier WXR-6000AX12S firmware Ver. 3.40 and earlier WZR-300HP firmware Ver. 2.00 and earlier WZR-450HP firmware Ver. 2.00 and earlier WZR-600DHP firmware Ver. 2.00 and earlier WZR-900DHP firmware Ver. 1.15 and earlier WZR-1750DHP2 firmware Ver. 2.31 and earlier WZR-HP-AG300H firmware Ver. 1.76 and earlier WZR-HP-G302H firmware Ver. 1.86 and earlier WEM-1266 firmware Ver. 2.85 and earlier WEM-1266WP firmware Ver. 2.85 and earlier WLAE-AG300N firmware Ver. 1.86 and earlier FS-600DHP firmware Ver. 3.40 and earlier FS-G300N firmware Ver. 3.14 and earlier FS-HP-G300N firmware Ver. 3.33 and earlier FS-R600DHP firmware Ver. 3.40 and earlier BHR-4GRV firmware Ver. 2.00 and earlier DWR-HP-G300NH firmware Ver. 1.84 and earlier DWR-PG firmware Ver. 1.83 and earlier HW-450HP-ZWE firmware Ver. 2.00 and earlier WER-A54G54 firmware Ver. 1.43 and earlier WER-AG54 firmware Ver. 1.43 and earlier WER-AM54G54 firmware Ver. 1.43 and earlier WER-AMG54 firmware Ver. 1.43 and earlier WHR-300 firmware Ver. 2.00 and earlier WHR-300HP firmware Ver. 2.00 and earlier WHR-AM54G54 firmware Ver. 1.43 and earlier WHR-AMG54 firmware Ver. 1.43 and earlier WHR-AMPG firmware Ver. 1.52 and earlier WHR-G firmware Ver. 1.49 and earlier WHR-G300N firmware Ver. 1.65 and earlier WHR-G301N firmware Ver. 1.87 and earlier WHR-G54S firmware Ver. 1.43 and earlier WHR-G54S-NI firmware Ver. 1.24 and earlier WHR-HP-AMPG firmware Ver. 1.43 and earlier WHR-HP-G firmware Ver. 1.49 and earlier WHR-HP-G54 firmware Ver. 1.43 and earlier WLI-H4-D600 firmware Ver. 1.88 and earlier WS024BF firmware Ver. 1.60 and earlier WS024BF-NW firmware Ver. 1.60 and earlier WXR-1750DHP firmware Ver. 2.60 and earlier WXR-1750DHP2 firmware Ver. 2.60 and earlier WZR-1166DHP firmware Ver. 2.18 and earlier WZR-1166DHP2 firmware Ver. 2.18 and earlier WZR-1750DHP firmware Ver. 2.30 and earlier WZR2-G300N firmware Ver. 1.55 and earlier WZR-450HP-CWT firmware Ver. 2.00 and earlier WZR-450HP-UB firmware Ver. 2.00 and earlier WZR-600DHP2 firmware Ver. 1.15 and earlier WZR-600DHP3 firmware Ver. 2.19 and earlier WZR-900DHP2 firmware Ver. 2.19 and earlier WZR-AGL300NH firmware Ver. 1.55 and earlier WZR-AMPG144NH firmware Ver. 1.49 and earlier WZR-AMPG300NH firmware Ver. 1.51 and earlier WZR-D1100H firmware Ver. 2.00 and earlier WZR-G144N firmware Ver. 1.48 and earlier WZR-G144NH firmware Ver. 1.48 and earlier WZR-HP-G300NH firmware Ver. 1.84 and earlier WZR-HP-G301NH firmware Ver. 1.84 and earlier WZR-HP-G450H firmware Ver. 1.90 and earlier WZR-S1750DHP firmware Ver. 2.32 and earlier WZR-S600DHP firmware Ver. 2.19 and earlier and WZR-S900DHP firmware Ver. 2.19 and earlier.
Reference
https://jvn.jp/en/vu/JVNVU92805279/index.html https://www.buffalo.jp/news/detail/20221003-01.html
Share on: