Severity: 8.8
CWE-287

CVE-2022-40966

First published: Wed Dec 07 2022

Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier.

Credit: vultures@jpcert.or.jp

Affected Software | Affected Version | How to fix
Arcadyan Buffalo Firmware | <=1.87
Buffalo WCR-300 firmware
Buffalo WHR-HP-G300N | <=2.00
Buffalo WHR-HP-G300N firmware
Buffalo WHR-HP-GN Firmware | <=1.87
Buffalo WHR-HP-GN firmware
Buffalo WPL-05G300 | <=1.88
Buffalo WPL-05G300 firmware
Buffalo WTR-M2133HP | <=2.85
Buffalo WRM-D2133HP firmware
Buffalo WRM-D2133HS Firmware | <=2.96
Buffalo WRM-D2133HS firmware
Buffalo WTR-M2133HP | <=2.85
Buffalo WTR-M2133HP firmware
Buffalo WTR-M2133HS Firmware | <=2.96
Buffalo WTR-M2133HS firmware
Buffalo WXR-1900DHP2 | <=2.50
Buffalo WXR-1900DHP2
Buffalo WXR-1900DHP2 | <=2.59
Buffalo WXR-1900DHP2 firmware
Buffalo WXR-1900DHP3 | <=2.63
Buffalo WXR-1900DHP3 firmware
Buffalo WXR-5950AX12 Firmware | <=3.40
Buffalo WXR-5950AX12 firmware
Buffalo WXR-6000AX12B | <=3.40
Buffalo WXR-6000AX12B
Buffalo WXR-6000AX12S Firmware | <=3.40
Buffalo WXR-6000AX12S firmware
Buffalo WZR-300HP firmware | <=2.00
Buffalo WZR-300HP firmware
Buffalo WZR-450HP | <=2.00
Buffalo WZR-450HP firmware
Buffalo WZR-600DHP firmware | <=2.00
BUFFALO wireless LAN routers
Buffalo WZR-900DHP firmware | <=1.15
Buffalo WZR-900DHP firmware
Buffalo WZR-1750DHP2 firmware | <=2.31
Buffalo WZR-1750DHP2 firmware
Buffalo WZR-HP-AG300H | <=1.76
Buffalo WZR-HP-AG300H firmware
Buffalo WZR-HP-G302H | <=1.86
Buffalo WZR-HP-G302H firmware
Arcadyan Buffalo Firmware | <=2.85
Buffalo WEM-1266WP firmware
Buffalo WEM-1266 | <=2.85
Buffalo WEM-1266WP firmware
Buffalo WLAE-AG300N firmware | <=1.86
Buffalo WLAE-AG300N firmware
Arcadyan Buffalo Firmware | <=3.40
Buffalo FS-600DHP firmware
Buffalo FS-G300N | <=3.14
Buffalo FS-G300N firmware
Buffalo FS-HP-G300N firmware | <=3.33
Buffalo FS-HP-G300N firmware
Buffalo FS-R600DHP | <=3.40
Buffalo FS-R600DHP firmware
Arcadyan Buffalo Firmware | <=2.00
Buffalo BHR-4GRV firmware
Buffalo DWR-HP-G300NH | <=1.84
Buffalo DWR-HP-G300NH firmware
Buffalo DWR-PG firmware | <=1.83
Buffalo DWR-PG firmware
Buffalo HW-450HP-ZWE | <=2.00
Buffalo HW-450HP-ZWE firmware
Buffalo Technology WER-A54G54 | <=1.43
Buffalo Technology WER-A54G54
Buffalo Technology WER-AG54 Firmware | <=1.43
Buffalo WER-AG54 firmware
Buffalo Tech WER-AM54G54 Firmware | <=1.43
Buffalo Tech WER-AM54G54 Firmware
Buffalo WER-AMG54 | <=1.43
Buffalo Technology WER-AMG54
Arcadyan Buffalo Firmware | <=2.00
Buffalo WHR-300
Buffalo WHR-300HP firmware | <=2.00
Buffalo WHR-300HP2
Buffalo WHR-AMG54 Firmware | <=1.43
Buffalo WHR-AMG54 Firmware
Buffalo WHR-AMG54 Firmware | <=1.43
Buffalo WHR-AMG54 firmware
Buffalo Technology WHR-AMPG | <=1.52
Buffalo WHR-AMPG firmware
Buffalo WHR-G Firmware | <=1.49
Buffalo Technology WHR-G Series
Buffalo WHR-G300N | <=1.65
Buffalo WHR-HP-G300N
Buffalo WHR-G301N | <=1.87
Buffalo WHR-G301N firmware
Buffalo WHR-G54S Firmware | <=1.43
Buffalo Airstation WHR-G54S firmware
Buffalo WHR-G54S Firmware | <=1.24
Buffalo WHR-G54S-NI firmware
Buffalo WHR-HP-AMPG firmware | <=1.43
Buffalo Technology WHR-HP-AMPG
Buffalo WHR-HP-G firmware | <=1.49
Buffalo Technology WHR-HP-G
Buffalo WHR-HP-G firmware | <=1.43
Buffalo WHR-HP-G54 Firmware
Buffalo WLI-H4-D600 firmware | <=1.88
Buffalo WLI-H4-D600 firmware
Arcadyan Buffalo Firmware | <=1.60
Buffalo WS024BF firmware
Arcadyan Buffalo Firmware | <=1.60
Buffalo WS024BF-NW firmware
Buffalo WXR-1750DHP2 firmware | <=2.60
Buffalo WXR-1750DHP firmware
Buffalo WXR-1750DHP2 | <=2.60
Buffalo WXR-1750DHP2
Buffalo WZR-1166DHP firmware | <=2.18
Buffalo WZR-1166DHP firmware
Buffalo WZR-1166DHP2 | <=2.18
Buffalo WZR-1166DHP2 firmware
Buffalo WZR-1750DHP firmware | <=2.30
Buffalo WZR-1750DHP2 firmware
Buffalo Technology WZR2-G300N Firmware | <=1.55
Buffalo Technology WZR2-G300N Firmware
Buffalo WZR-450HP | <=2.00
Buffalo WZR-450HP
Buffalo WZR-450HP firmware | <=2.00
Buffalo WZR-450HP-UB firmware
Buffalo WZR-600DHP2 firmware | <=1.15
Buffalo WZR-600DHP2 firmware
Buffalo WZR-600DHP3 firmware | <=2.19
BUFFALO wireless LAN routers
Buffalo WZR-900DHP2 | <=2.19
Buffalo WZR-900DHP2 firmware
Buffalo WZR-AGL300NH firmware | <=1.55
Buffalo WZR-AGL300NH firmware
Buffalo WZR-AMPG144NH | <=1.49
Buffalo WZR-AMPG144NH firmware
Buffalo Technology WZR-AMPG300NH | <=1.51
Buffalo WZR-AMPG300NH firmware
Buffalo WZR-D1100H | <=2.00
Buffalo WZR-D1100H firmware
Buffalo Technology WZR-G144N Firmware | <=1.48
Buffalo WZR-G144N firmware
Buffalo Technology WZR-G144NH Firmware | <=1.48
Buffalo WZR-G144NH firmware
Buffalo WZR-HP-G300NH firmware | <=1.84
Buffalo WZR-HP-G300NH firmware
Buffalo WZR-HP-G301NH | <=1.84
Buffalo WZR-HP-G301NH firmware
Buffalo WZR-HP-G450H | <=1.90
Buffalo WZR-HP-G450H firmware
Buffalo WZR-S1750DHP | <=2.32
Buffalo WZR-S1750DHP firmware
Buffalo WZR-S600DHP | <=2.19
Buffalo WZR-S600DHP firmware
Buffalo WZR-S900DHP | <=2.19
Buffalo WZR-S900DHP firmware


Frequently Asked Questions

  • What is the severity of CVE-2022-40966?

    CVE-2022-40966 is classified as a high severity vulnerability due to its potential for unauthorized access.

  • How do I fix CVE-2022-40966?

    To mitigate CVE-2022-40966, update your Buffalo device firmware to a version higher than the specified vulnerable versions.

  • What devices are affected by CVE-2022-40966?

    CVE-2022-40966 affects multiple Buffalo network devices including models like WCR-300 and WHR-HP-G300N with specific firmware versions.

  • Can CVE-2022-40966 result in data breaches?

    Yes, CVE-2022-40966 allows attackers to bypass authentication, potentially leading to unauthorized access and data breaches.

  • Is CVE-2022-40966 exploitable remotely?

    CVE-2022-40966 can be exploited by a network-adjacent attacker, hence it requires physical or network proximity to the device.
