Primary

Context

BUFFALO WSR-1800AX4 Series Wi-Fi Router Password Hash Vulnerability

Vulnerability

A vulnerability exists in the BUFFALO Wi-Fi router WSR-1800AX4 series, specifically in models WSR-1800AX4, WSR-1800AX4S, WSR-1800AX4B, and WSR-1800AX4-KH, all running firmware versions prior to the latest updates. This vulnerability involves the use of password hashes that lack sufficient computational effort, potentially allowing an attacker to obtain the WPS PIN code and Wi-Fi password when WPS is enabled.

Impact

Exploitation of this vulnerability could lead to the unauthorized retrieval of the WPS PIN code and Wi-Fi connection information, including the encryption key.

Remediation

Users are advised to update their router's firmware to the latest version. Firmware updates are available for download on the BUFFALO support website.

Added: Nov 7, 2025, 9:34 AM

Updated: Nov 7, 2025, 9:34 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.9

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.9

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

BUFFALO WSR-1800AX4 Series Wi-Fi Router Password Hash Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating