CVE-2026-27650
Received Received - Intake
OS Command Injection in BUFFALO Wi-Fi Routers Enables Remote Execution

Publication date: 2026-03-27

Last updated on: 2026-03-31

Assigner: JPCERT/CC

Description
OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-27
Last Modified
2026-03-31
Generated
2026-06-16
AI Q&A
2026-03-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-27650
EUVD
EUVD-2026-16543
Affected Vendors & Products
Showing 46 associated CPEs
Vendor Product Version / Range
buffalo wcr-1166dhpl_firmware to 1.01 (exc)
buffalo wsr3600be4-kh_firmware to 6.02 (exc)
buffalo wsr3600be4p_firmware to 5.02 (exc)
buffalo wxr-1750dhp_firmware to 2.63 (exc)
buffalo wxr-1750dhp2_firmware to 2.63 (exc)
buffalo wxr18000be10p_firmware to 5.03 (exc)
buffalo wxr-1900dhp_firmware to 2.53 (exc)
buffalo wxr-1900dhp2_firmware to 2.62 (exc)
buffalo wxr-1900dhp3_firmware to 2.66 (exc)
buffalo wxr-5950ax12_firmware to 3.57 (exc)
buffalo wxr-6000ax12b_firmware to 3.57 (exc)
buffalo wxr-6000ax12p_firmware to 3.57 (exc)
buffalo wxr-6000ax12s_firmware to 3.57 (exc)
buffalo wzr-1166dhp_firmware to 2.20 (exc)
buffalo wzr-1166dhp2_firmware to 2.20 (exc)
buffalo wzr-1750dhp_firmware to 2.32 (exc)
buffalo wzr-1750dhp2_firmware to 2.33 (exc)
buffalo wzr-s1750dhp_firmware to 2.34 (exc)
buffalo wrm-d2133hp_firmware to 3.01 (exc)
buffalo wrm-d2133hs_firmware to 3.01 (exc)
buffalo wtr-m2133hp_firmware to 3.01 (exc)
buffalo wtr-m2133hs_firmware to 3.01 (exc)
buffalo wem-1266_firmware to 2.87 (exc)
buffalo wem-1266wp_firmware to 2.87 (exc)
buffalo vr-u300w_firmware to 1.42 (exc)
buffalo vr-u500x_firmware to 1.42 (exc)
buffalo wapm-1266r_firmware to 1.42 (exc)
buffalo wapm-1266wdpr_firmware to 1.42 (exc)
buffalo wapm-1266wdpra_firmware to 1.42 (exc)
buffalo wapm-1750d_firmware to 1.07 (exc)
buffalo wapm-2133r_firmware to 1.42 (exc)
buffalo wapm-2133tr_firmware to 1.42 (exc)
buffalo wapm-ax4r_firmware to 1.42 (exc)
buffalo wapm-ax8r_firmware to 1.42 (exc)
buffalo wapm-axetr_firmware to 1.42 (exc)
buffalo waps-1266_firmware to 1.42 (exc)
buffalo waps-ax4_firmware to 1.42 (exc)
buffalo fs-m1266_firmware to 4.13 (exc)
buffalo fs-s1266_firmware to 4.13 (exc)
buffalo wzr-600dhp_firmware *
buffalo wzr-600dhp2_firmware *
buffalo wzr-600dhp3_firmware *
buffalo wzr-900dhp_firmware *
buffalo wzr-900dhp2_firmware *
buffalo wzr-s600dhp_firmware *
buffalo wzr-s900dhp_firmware *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an OS Command Injection issue found in BUFFALO Wi-Fi router products. It allows an attacker to execute arbitrary operating system commands on the affected devices.

Impact Analysis

If exploited, this vulnerability can allow an attacker to run any OS command on the affected router, potentially leading to unauthorized control over the device, disruption of network services, data theft, or further attacks on connected systems.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27650. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart