CVE-2021-20716

Name: CVE-2021-20716
Creator: NVD / NIST
Published: 2021-04-28T01:15:17.107+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10EPSS 3.18%

Last modified Jun 17, 2026

CVE-2021-20716 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54 firmware Ver.2.32 and prior, WBR2-G54-KD firmware Ver.2.32 and prior, WBR-B11 firmware Ver.2.23 and prior, WBR-G54 firmware Ver.2.23 and prior, WBR-G54L firmware Ver.2.20 and prior, WHR2-A54G54 firmware Ver.2.25 and prior, WHR2-G54 firmware Ver.2.23 and prior, WHR2-G54V firmware Ver.2.55 and prior, WHR3-AG54 firmware Ver.2.23 and prior, WHR-G54 firmware Ver.2.16 and prior, WHR-G54-NF firmware Ver.2.10 and prior, WLA2-G54 firmware Ver.2.24 and prior, WLA2-G54C firmware Ver.2.24 and prior, WLA-B11 firmware Ver.2.20 and prior, WLA-G54 firmware Ver.2.20 and prior, WLA-G54C firmware Ver.2.20 and prior, WLAH-A54G54 firmware Ver.2.54 and prior, WLAH-AM54G54 firmware Ver.2.54 and prior, WLAH-G54 firmware Ver.2.54 and prior, WLI2-TX1-AG54 firmware Ver.2.53 and prior, WLI2-TX1-AMG54 firmware Ver.2.53 and prior, WLI2-TX1-G54 firmware Ver.2.20 and prior, WLI3-TX1-AMG54 firmware Ver.2.53 and prior, WLI3-TX1-G54 firmware Ver.2.53 and prior, WLI-T1-B11 firmware Ver.2.20 and prior, WLI-TX1-G54 firmware Ver.2.20 and prior, WVR-G54-NF firmware Ver.2.02 and prior, WZR-G108 firmware Ver.2.41 and prior, WZR-G54 firmware Ver.2.41 and prior, WZR-HP-G54 firmware Ver.2.41 and prior, WZR-RS-G54 firmware Ver.2.55 and prior, and WZR-RS-G54HP firmware Ver.2.55 and prior) allows a remote attacker to enable the debug option and to execute arbitrary code or OS commands, change the configuration, and cause a denial of service (DoS) condition.. EPSS estimates a 3.18% chance of exploitation in the next 30 days.

Description

Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54 firmware Ver.2.32 and prior, WBR2-G54-KD firmware Ver.2.32 and prior, WBR-B11 firmware Ver.2.23 and prior, WBR-G54 firmware Ver.2.23 and prior, WBR-G54L firmware Ver.2.20 and prior, WHR2-A54G54 firmware Ver.2.25 and prior, WHR2-G54 firmware Ver.2.23 and prior, WHR2-G54V firmware Ver.2.55 and prior, WHR3-AG54 firmware Ver.2.23 and prior, WHR-G54 firmware Ver.2.16 and prior, WHR-G54-NF firmware Ver.2.10 and prior, WLA2-G54 firmware Ver.2.24 and prior, WLA2-G54C firmware Ver.2.24 and prior, WLA-B11 firmware Ver.2.20 and prior, WLA-G54 firmware Ver.2.20 and prior, WLA-G54C firmware Ver.2.20 and prior, WLAH-A54G54 firmware Ver.2.54 and prior, WLAH-AM54G54 firmware Ver.2.54 and prior, WLAH-G54 firmware Ver.2.54 and prior, WLI2-TX1-AG54 firmware Ver.2.53 and prior, WLI2-TX1-AMG54 firmware Ver.2.53 and prior, WLI2-TX1-G54 firmware Ver.2.20 and prior, WLI3-TX1-AMG54 firmware Ver.2.53 and prior, WLI3-TX1-G54 firmware Ver.2.53 and prior, WLI-T1-B11 firmware Ver.2.20 and prior, WLI-TX1-G54 firmware Ver.2.20 and prior, WVR-G54-NF firmware Ver.2.02 and prior, WZR-G108 firmware Ver.2.41 and prior, WZR-G54 firmware Ver.2.41 and prior, WZR-HP-G54 firmware Ver.2.41 and prior, WZR-RS-G54 firmware Ver.2.55 and prior, and WZR-RS-G54HP firmware Ver.2.55 and prior) allows a remote attacker to enable the debug option and to execute arbitrary code or OS commands, change the configuration, and cause a denial of service (DoS) condition.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

3.18%

86.4th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Buffalo	Bhr-4rv Firmware	<= 2.55
Buffalo	Fs-G54 Firmware	<= 2.04
Buffalo	Wbr2-B11 Firmware	<= 2.32
Buffalo	Wbr2-G54 Firmware	<= 2.32
Buffalo	Wbr2-G54-Kd Firmware	<= 2.32
Buffalo	Wbr-B11 Firmware	<= 2.23
Buffalo	Wbr-G54 Firmware	<= 2.23
Buffalo	Wbr-G54l Firmware	<= 2.20
Buffalo	Whr2-A54g54 Firmware	<= 2.25
Buffalo	Whr2-G54 Firmware	<= 2.23
Buffalo	Whr2-G54v Firmware	<= 2.55
Buffalo	Whr3-Ag54 Firmware	<= 2.23
Buffalo	Whr-G54 Firmware	<= 2.16
Buffalo	Whr-G54-Nf Firmware	<= 2.10
Buffalo	Wla2-G54 Firmware	<= 2.24
Buffalo	Wla2-G54c Firmware	<= 2.24
Buffalo	Wla-B11 Firmware	<= 2.20
Buffalo	Wla-G54 Firmware	<= 2.20
Buffalo	Wla-G54c Firmware	<= 2.20
Buffalo	Wlah-A54g54 Firmware	<= 2.54
Buffalo	Wlah-Am54g54 Firmware	<= 2.54
Buffalo	Wlah-G54 Firmware	<= 2.54
Buffalo	Wli2-Tx1-Ag54 Firmware	<= 2.53
Buffalo	Wli2-Tx1-Amg54 Firmware	<= 2.53
Buffalo	Wli2-Tx1-G54 Firmware	<= 2.20
Buffalo	Wli3-Tx1-Amg54 Firmware	<= 2.53
Buffalo	Wli3-Tx1-G54 Firmware	<= 2.53
Buffalo	Wli-T1-B11 Firmware	<= 2.20
Buffalo	Wli-Tx1-G54 Firmware	<= 2.20
Buffalo	Wvr-G54-Nf Firmware	<= 2.02
Buffalo	Wzr-G108 Firmware	<= 2.41
Buffalo	Wzr-G54 Firmware	<= 2.41
Buffalo	Wzr-Hp-G54 Firmware	<= 2.41
Buffalo	Wzr-Rs-G54 Firmware	<= 2.55
Buffalo	Wzr-Rs-G54hp Firmware	<= 2.55

References

https://jvn.jp/en/vu/JVNVU90274525/index.htmlThird Party Advisory
https://www.buffalo.jp/news/detail/20210427-02.htmlVendor Advisory
https://jvn.jp/en/vu/JVNVU90274525/index.htmlThird Party Advisory
https://www.buffalo.jp/news/detail/20210427-02.htmlVendor Advisory

Timeline

Published: Apr 28, 2021
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2021-20716?

How severe is CVE-2021-20716?

CVE-2021-20716 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 3.18% probability of exploitation in the next 30 days.

How do I fix CVE-2021-20716?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-20716?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST