CVE-2022-40966

CVSS V2 None CVSS V3 None

Description

Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier.

Overview

CVE ID
CVE-2022-40966

Assigner
vultures@jpcert.or.jp

Vulnerability Status
Analyzed

Published Version
2022-12-07T10:15:11

Last Modified Date
2022-12-13T17:13:14

Weakness Enumerations

CWE	URL
CWE-287	http://cwe.mitre.org/data/definitions/287.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version End
		AND
cpe:2.3:o:buffalo:wcr-300_firmware::::::::	1	OR	1.87
cpe:2.3:h:buffalo:wcr-300:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-hp-g300n_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:whr-hp-g300n:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-hp-gn_firmware::::::::	1	OR	1.87
cpe:2.3:h:buffalo:whr-hp-gn:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wpl-05g300_firmware::::::::	1	OR	1.88
cpe:2.3:h:buffalo:wpl-05g300:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wrm-d2133hp_firmware::::::::	1	OR	2.85
cpe:2.3:h:buffalo:wrm-d2133hp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wrm-d2133hs_firmware::::::::	1	OR	2.96
cpe:2.3:h:buffalo:wrm-d2133hs:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wtr-m2133hp_firmware::::::::	1	OR	2.85
cpe:2.3:h:buffalo:wtr-m2133hp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wtr-m2133hs_firmware::::::::	1	OR	2.96
cpe:2.3:h:buffalo:wtr-m2133hs:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wxr-1900dhp_firmware::::::::	1	OR	2.50
cpe:2.3:h:buffalo:wxr-1900dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wxr-1900dhp2_firmware::::::::	1	OR	2.59
cpe:2.3:h:buffalo:wxr-1900dhp2:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wxr-1900dhp3_firmware::::::::	1	OR	2.63
cpe:2.3:h:buffalo:wxr-1900dhp3:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wxr-5950ax12_firmware::::::::	1	OR	3.40
cpe:2.3:h:buffalo:wxr-5950ax12:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wxr-6000ax12b_firmware::::::::	1	OR	3.40
cpe:2.3:h:buffalo:wxr-6000ax12b:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wxr-6000ax12s_firmware::::::::	1	OR	3.40
cpe:2.3:h:buffalo:wxr-6000ax12s:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-300hp_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:wzr-300hp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-450hp_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:wzr-450hp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-600dhp_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:wzr-600dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-900dhp_firmware::::::::	1	OR	1.15
cpe:2.3:h:buffalo:wzr-900dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-1750dhp2_firmware::::::::	1	OR	2.31
cpe:2.3:h:buffalo:wzr-1750dhp2:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-hp-ag300h_firmware::::::::	1	OR	1.76
cpe:2.3:h:buffalo:wzr-hp-ag300h:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-hp-g302h_firmware::::::::	1	OR	1.86
cpe:2.3:h:buffalo:wzr-hp-g302h:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wem-1266_firmware::::::::	1	OR	2.85
cpe:2.3:h:buffalo:wem-1266:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wem-1266wp_firmware::::::::	1	OR	2.85
cpe:2.3:h:buffalo:wem-1266wp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wlae-ag300n_firmware::::::::	1	OR	1.86
cpe:2.3:h:buffalo:wlae-ag300n:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:fs-600dhp_firmware::::::::	1	OR	3.40
cpe:2.3:h:buffalo:fs-600dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:fs-g300n_firmware::::::::	1	OR	3.14
cpe:2.3:h:buffalo:fs-g300n:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:fs-hp-g300n_firmware::::::::	1	OR	3.33
cpe:2.3:h:buffalo:fs-hp-g300n:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:fs-r600dhp_firmware::::::::	1	OR	3.40
cpe:2.3:h:buffalo:fs-r600dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:bhr-4grv_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:bhr-4grv:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:dwr-hp-g300nh_firmware::::::::	1	OR	1.84
cpe:2.3:h:buffalo:dwr-hp-g300nh:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:dwr-pg_firmware::::::::	1	OR	1.83
cpe:2.3:h:buffalo:dwr-pg:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:hw-450hp-zwe_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:hw-450hp-zwe:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wer-a54g54_firmware::::::::	1	OR	1.43
cpe:2.3:h:buffalo:wer-a54g54:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wer-ag54_firmware::::::::	1	OR	1.43
cpe:2.3:h:buffalo:wer-ag54:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wer-am54g54_firmware::::::::	1	OR	1.43
cpe:2.3:h:buffalo:wer-am54g54:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wer-amg54_firmware::::::::	1	OR	1.43
cpe:2.3:h:buffalo:wer-amg54:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-300_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:whr-300:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-300hp_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:whr-300hp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-am54g54_firmware::::::::	1	OR	1.43
cpe:2.3:h:buffalo:whr-am54g54:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-amg54_firmware::::::::	1	OR	1.43
cpe:2.3:h:buffalo:whr-amg54:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-ampg_firmware::::::::	1	OR	1.52
cpe:2.3:h:buffalo:whr-ampg:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-g_firmware::::::::	1	OR	1.49
cpe:2.3:h:buffalo:whr-g:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-g300n_firmware::::::::	1	OR	1.65
cpe:2.3:h:buffalo:whr-g300n:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-g301n_firmware::::::::	1	OR	1.87
cpe:2.3:h:buffalo:whr-g301n:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-g54s_firmware::::::::	1	OR	1.43
cpe:2.3:h:buffalo:whr-g54s:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-g54s-ni_firmware::::::::	1	OR	1.24
cpe:2.3:h:buffalo:whr-g54s-ni:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-hp-ampg_firmware::::::::	1	OR	1.43
cpe:2.3:h:buffalo:whr-hp-ampg:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-hp-g_firmware::::::::	1	OR	1.49
cpe:2.3:h:buffalo:whr-hp-g:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:whr-hp-g54_firmware::::::::	1	OR	1.43
cpe:2.3:h:buffalo:whr-hp-g54:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wli-h4-d600_firmware::::::::	1	OR	1.88
cpe:2.3:h:buffalo:wli-h4-d600:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:ws024bf_firmware::::::::	1	OR	1.60
cpe:2.3:h:buffalo:ws024bf:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:ws024bf-nw_firmware::::::::	1	OR	1.60
cpe:2.3:h:buffalo:ws024bf-nw:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wxr-1750dhp_firmware::::::::	1	OR	2.60
cpe:2.3:h:buffalo:wxr-1750dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wxr-1750dhp2_firmware::::::::	1	OR	2.60
cpe:2.3:h:buffalo:wxr-1750dhp2:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-1166dhp_firmware::::::::	1	OR	2.18
cpe:2.3:h:buffalo:wzr-1166dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-1166dhp2_firmware::::::::	1	OR	2.18
cpe:2.3:h:buffalo:wzr-1166dhp2:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-1750dhp_firmware::::::::	1	OR	2.30
cpe:2.3:h:buffalo:wzr-1750dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr2-g300n_firmware::::::::	1	OR	1.55
cpe:2.3:h:buffalo:wzr2-g300n:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-450hp-cwt_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:wzr-450hp-cwt:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-450hp-ub_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:wzr-450hp-ub:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-600dhp2_firmware::::::::	1	OR	1.15
cpe:2.3:h:buffalo:wzr-600dhp2:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-600dhp3_firmware::::::::	1	OR	2.19
cpe:2.3:h:buffalo:wzr-600dhp3:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-900dhp2_firmware::::::::	1	OR	2.19
cpe:2.3:h:buffalo:wzr-900dhp2:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-agl300nh_firmware::::::::	1	OR	1.55
cpe:2.3:h:buffalo:wzr-agl300nh:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-ampg144nh_firmware::::::::	1	OR	1.49
cpe:2.3:h:buffalo:wzr-ampg144nh:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-ampg300nh_firmware::::::::	1	OR	1.51
cpe:2.3:h:buffalo:wzr-ampg300nh:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-d1100h_firmware::::::::	1	OR	2.00
cpe:2.3:h:buffalo:wzr-d1100h:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-g144n_firmware::::::::	1	OR	1.48
cpe:2.3:h:buffalo:wzr-g144n:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-g144nh_firmware::::::::	1	OR	1.48
cpe:2.3:h:buffalo:wzr-g144nh:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-hp-g300nh_firmware::::::::	1	OR	1.84
cpe:2.3:h:buffalo:wzr-hp-g300nh:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-hp-g301nh_firmware::::::::	1	OR	1.84
cpe:2.3:h:buffalo:wzr-hp-g301nh:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-hp-g450h_firmware::::::::	1	OR	1.90
cpe:2.3:h:buffalo:wzr-hp-g450h:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-s1750dhp_firmware::::::::	1	OR	2.32
cpe:2.3:h:buffalo:wzr-s1750dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-s600dhp_firmware::::::::	1	OR	2.19
cpe:2.3:h:buffalo:wzr-s600dhp:-:::::::*	0	OR
		AND
cpe:2.3:o:buffalo:wzr-s900dhp_firmware::::::::	1	OR	2.19
cpe:2.3:h:buffalo:wzr-s900dhp:-:::::::*	0	OR

References

Reference URL	Reference Tags
https://jvn.jp/en/vu/JVNVU92805279/index.html
https://www.buffalo.jp/news/detail/20221003-01.html

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-40966
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40966

History

Created	Old Value	New Value	Data Type	Notes
2022-12-07 18:06:54				Added to TrackCVE
2022-12-09 13:23:12	2022-12-07T10:15:11.073	2022-12-07T10:15:11	CVE Published Date	updated
2022-12-09 13:23:12		2022-12-07T13:53:50	CVE Modified Date	updated
2022-12-09 13:23:12	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2022-12-13 17:21:15		2022-12-13T17:13:14	CVE Modified Date	updated
2022-12-13 17:21:15	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2022-12-13 17:21:16		CWE-287	Weakness Enumeration	new
2022-12-13 17:21:20			CPE Information	updated