Multiple Buffalo network devices contain hidden functionality


Multiple network devices provided by BUFFALO INC. contain hidden functionality (CWE-912) that allows an attacker to enable the debug option.

Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 8.8 (High) [IPA Score]
  • Attack Vector: Adjacent Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 10.0 (High) [NVD Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete
Affected Products

  • BHR-4RV firmware Ver.2.55 and prior
  • FS-G54 firmware Ver.2.04 and prior
  • WBR-B11 firmware Ver.2.23 and prior
  • WBR-G54 firmware Ver.2.23 and prior
  • WBR-G54L firmware Ver.2.20 and prior
  • WBR2-B11 firmware Ver.2.32 and prior
  • WBR2-G54 firmware Ver.2.32 and prior
  • WBR2-G54-KD firmware Ver.2.32 and prior
  • WHR-G54 firmware Ver.2.16 and prior
  • WHR-G54-NF firmware Ver.2.10 and prior
  • WHR2-A54G54 firmware Ver.2.25 and prior
  • WHR2-G54 firmware Ver.2.23 and prior
  • WHR2-G54V firmware Ver.2.55 and prior
  • WHR3-AG54 firmware Ver.2.23 and prior
  • WLA-B11 firmware Ver.2.20 and prior
  • WLA-G54 firmware Ver.2.20 and prior
  • WLA-G54C firmware Ver.2.20 and prior
  • WLA2-G54 firmware Ver.2.24 and prior
  • WLA2-G54C firmware Ver.2.24 and prior
  • WLAH-A54G54 firmware Ver.2.54 and prior
  • WLAH-AM54G54 firmware Ver.2.54 and prior
  • WLAH-G54 firmware Ver.2.54 and prior
  • WLI-T1-B11 firmware Ver.2.20 and prior
  • WLI-TX1-G54 firmware Ver.2.20 and prior
  • WLI2-TX1-AG54 firmware Ver.2.53 and prior
  • WLI2-TX1-AMG54 firmware Ver.2.53 and prior
  • WLI2-TX1-G54 firmware Ver.2.20 and prior
  • WLI3-TX1-AMG54 firmware Ver.2.53 and prior
  • WLI3-TX1-G54 firmware Ver.2.53 and prior
  • WVR-G54-NF firmware Ver.2.02 and prior
  • WZR-G108 firmware Ver.2.41 and prior
  • WZR-G54 firmware Ver.2.41 and prior
  • WZR-HP-G54 firmware Ver.2.41 and prior
  • WZR-RS-G54 firmware Ver.2.55 and prior
  • WZR-RS-G54HP firmware Ver.2.55 and prior


A network-adjacent attacker may execute arbitrary code or OS commands, change the configuration, and cause a denial of service (DoS) condition.

[Do not use the products]
According to the developer, the devices are no longer supported and it is recommended for the users to use alternative devices.
For more details, refer to the information provided by the developer.
Vendor Information

CWE (What is CWE?)

  1. Hidden Functionality(CWE-912) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2021-20716

  1. JVN : JVNVU#90274525
  2. National Vulnerability Database (NVD) : CVE-2021-20716
Revision History

  • [2021/04/28]
      Web page was published
  • [2021/05/07]
      Impact : Content was modified