Vulnerability Details CVE-2026-27650
OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.7%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2026-27650
-
cpe:2.3:h:buffalo:fs-m1266:-
-
cpe:2.3:h:buffalo:fs-s1266:-
-
cpe:2.3:h:buffalo:vr-u300w:-
-
cpe:2.3:h:buffalo:vr-u500x:-
-
cpe:2.3:h:buffalo:wapm-1266r:-
-
cpe:2.3:h:buffalo:wapm-1266wdpr:-
-
cpe:2.3:h:buffalo:wapm-1266wdpra:-
-
cpe:2.3:h:buffalo:wapm-1750d:-
-
cpe:2.3:h:buffalo:wapm-2133r:-
-
cpe:2.3:h:buffalo:wapm-2133tr:-
-
cpe:2.3:h:buffalo:wapm-ax4r:-
-
cpe:2.3:h:buffalo:wapm-ax8r:-
-
cpe:2.3:h:buffalo:wapm-axetr:-
-
cpe:2.3:h:buffalo:waps-1266:-
-
cpe:2.3:h:buffalo:waps-ax4:-
-
cpe:2.3:h:buffalo:wcr-1166dhpl:-
-
cpe:2.3:h:buffalo:wem-1266:-
-
cpe:2.3:h:buffalo:wem-1266wp:-
-
cpe:2.3:h:buffalo:wrm-d2133hp:-
-
cpe:2.3:h:buffalo:wrm-d2133hs:-
-
cpe:2.3:h:buffalo:wsr3600be4-kh:-
-
cpe:2.3:h:buffalo:wsr3600be4p:-
-
cpe:2.3:h:buffalo:wtr-m2133hp:-
-
cpe:2.3:h:buffalo:wtr-m2133hs:-
-
cpe:2.3:h:buffalo:wxr-1750dhp2:-
-
cpe:2.3:h:buffalo:wxr-1750dhp:-
-
cpe:2.3:h:buffalo:wxr-1900dhp2:-
-
cpe:2.3:h:buffalo:wxr-1900dhp3:-
-
cpe:2.3:h:buffalo:wxr-1900dhp:-
-
cpe:2.3:h:buffalo:wxr-5950ax12:-
-
cpe:2.3:h:buffalo:wxr-6000ax12b:-
-
cpe:2.3:h:buffalo:wxr-6000ax12p:-
-
cpe:2.3:h:buffalo:wxr-6000ax12s:-
-
cpe:2.3:h:buffalo:wxr18000be10p:-
-
cpe:2.3:h:buffalo:wzr-1166dhp2:-
-
cpe:2.3:h:buffalo:wzr-1166dhp:-
-
cpe:2.3:h:buffalo:wzr-1750dhp2:-
-
cpe:2.3:h:buffalo:wzr-1750dhp:-
-
cpe:2.3:h:buffalo:wzr-600dhp2:-
-
cpe:2.3:h:buffalo:wzr-600dhp3:-
-
cpe:2.3:h:buffalo:wzr-600dhp:-
-
cpe:2.3:h:buffalo:wzr-900dhp2:-
-
cpe:2.3:h:buffalo:wzr-900dhp:-
-
cpe:2.3:h:buffalo:wzr-s1750dhp:-
-
cpe:2.3:h:buffalo:wzr-s600dhp:-
-
cpe:2.3:h:buffalo:wzr-s900dhp:-
-
cpe:2.3:o:buffalo:fs-m1266_firmware:*
-
cpe:2.3:o:buffalo:fs-s1266_firmware:*
-
cpe:2.3:o:buffalo:vr-u300w_firmware:*
-
cpe:2.3:o:buffalo:vr-u500x_firmware:*
-
cpe:2.3:o:buffalo:wapm-1266r_firmware:*
-
cpe:2.3:o:buffalo:wapm-1266wdpr_firmware:*
-
cpe:2.3:o:buffalo:wapm-1266wdpra_firmware:*
-
cpe:2.3:o:buffalo:wapm-1750d_firmware:*
-
cpe:2.3:o:buffalo:wapm-2133r_firmware:*
-
cpe:2.3:o:buffalo:wapm-2133tr_firmware:*
-
cpe:2.3:o:buffalo:wapm-ax4r_firmware:*
-
cpe:2.3:o:buffalo:wapm-ax8r_firmware:*
-
cpe:2.3:o:buffalo:wapm-axetr_firmware:*
-
cpe:2.3:o:buffalo:waps-1266_firmware:*
-
cpe:2.3:o:buffalo:waps-ax4_firmware:*
-
cpe:2.3:o:buffalo:wcr-1166dhpl_firmware:*
-
cpe:2.3:o:buffalo:wem-1266_firmware:-
-
cpe:2.3:o:buffalo:wem-1266_firmware:2.85
-
cpe:2.3:o:buffalo:wem-1266wp_firmware:-
-
cpe:2.3:o:buffalo:wem-1266wp_firmware:2.85
-
cpe:2.3:o:buffalo:wrm-d2133hp_firmware:-
-
cpe:2.3:o:buffalo:wrm-d2133hs_firmware:-
-
cpe:2.3:o:buffalo:wsr3600be4-kh_firmware:*
-
cpe:2.3:o:buffalo:wsr3600be4p_firmware:*
-
cpe:2.3:o:buffalo:wtr-m2133hp_firmware:-
-
cpe:2.3:o:buffalo:wtr-m2133hs_firmware:-
-
cpe:2.3:o:buffalo:wxr-1750dhp2_firmware:-
-
cpe:2.3:o:buffalo:wxr-1750dhp_firmware:2.42
-
cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:2.48
-
cpe:2.3:o:buffalo:wxr-1900dhp3_firmware:-
-
cpe:2.3:o:buffalo:wxr-1900dhp_firmware:2.34
-
cpe:2.3:o:buffalo:wxr-5950ax12_firmware:-
-
cpe:2.3:o:buffalo:wxr-6000ax12b_firmware:-
-
cpe:2.3:o:buffalo:wxr-6000ax12p_firmware:*
-
cpe:2.3:o:buffalo:wxr-6000ax12s_firmware:-
-
cpe:2.3:o:buffalo:wxr18000be10p_firmware:*
-
cpe:2.3:o:buffalo:wzr-1166dhp2_firmware:2.13
-
cpe:2.3:o:buffalo:wzr-1166dhp_firmware:2.13
-
cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:2.28
-
cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:2.30
-
cpe:2.3:o:buffalo:wzr-1750dhp_firmware:2.28
-
cpe:2.3:o:buffalo:wzr-600dhp2_firmware:-
-
cpe:2.3:o:buffalo:wzr-600dhp3_firmware:-
-
cpe:2.3:o:buffalo:wzr-600dhp_firmware:-
-
cpe:2.3:o:buffalo:wzr-900dhp2_firmware:-
-
cpe:2.3:o:buffalo:wzr-900dhp_firmware:-
-
cpe:2.3:o:buffalo:wzr-s1750dhp_firmware:2.28
-
cpe:2.3:o:buffalo:wzr-s600dhp_firmware:-
-
cpe:2.3:o:buffalo:wzr-s900dhp_firmware:-