Buffalo is aware of the recently-publicized security exploit “KRACK”.
Since this vulnerability exploits the client function of the WPA2 standard, it affects wireless USB adapters and wireless routers with bridge mode that support WPA2 (WB · WDS, etc.).
Buffalo is currently investigating its product line to determine which products may be affected by this vulnerability. As the investigation progresses, Buffalo will update this public release with information regarding affected products.
Affected Products (US)
Current Products
Wireless Routers: WHR-300HP2 Series, WSR-1166DD Series, WSR-600DD Series, WZR-600DHP Series, and WHR-300HP2D Series.
We will release a fixed firmware soon. Please update the firmware as soon as it is released.
Wireless USB Adapters: WI-U2-433DM Series, WI-UC-GNM Series, and WI-U2-300D Series.
We will release a fixed driver soon. Please update the driver as soon as it is released.
Discontinued Products (US)
Wireless Routers: WZR-900DHP Series, WZR-600DHP2 Series, WZR-300HP Series, WXR-1900DHPD Series, WZR-1750DHPD Series, WZR-600DHP2D Series, WZR-450HP2D Series, WZR-HP-AG300H Series, WZR-HP-G450H Series, WZR-HP-G300NH Series, WZR-HP-G300NH2 Series, WHR-600D Series, and WHR-1166D Series.
WHR-1166D updated
We will release a fixed firmware soon. Please update the firmware as soon as it is released.
The following routers have firmware updates available:
WZR-300HP DD-WRT Firmware 30356
WHR-300HP2D DD-WRT Firmware 30357
WZR-600DHP2D DD-WRT Firmware 30357
WZR-600DHP DD-WRT Firmware 30356
WZR-1750DHPD DD-WRT Firmware 30357
WZR-HP-AG300H DD-WRT Firmware 30356
WZR-HP-G300NH DD-WRT Firmware 30356
WZR-HP-G300NH2 DD-WRT Firmware 30356
WZR-HP-G450H DD-WRT Firmware 30357
WZR-HP-G450HP2D DD-WRT Firmware 30356
WZR-1900DHPD DD-WRT NXT Firmware 1.5.5
WSR-600DD DD-WRT NXT Firmware 1.5.5
WSR-1166DD DD-WRT NXT Firmware 1.5.5
Wireless USB Adapters: WLI-UTX-AG300 Series, WLI-UC-G300HP Series, and WLI-TX4-AG300N Series.
We will release a fixed driver soon. Please update the driver as soon as it is released.
If you are not using the wireless router in bridge mode (WB · WDS etc.), it will not be affected.
Please check the following to confirm whether bridge mode is in use. (The confirmation method differs depending on the product, so please refer each product’s manual on bridge mode.)
If you set the unit rear switch to "AUTO" during product setup, bridge mode is not enabled.
If you set the unit rear switch to "MANUAL" during product setup and "ROUTER" or "AP" is selected on the switch, bridge mode is not enabled.
If you set the unit rear switch to "MANUAL" during product setup and "WB" is selected on the switch, bridge mode is enabled.
Confirmed Unaffected Products
Current Products
Wireless Router
WXR-1900DHP Series and WSR-300HP Series: These products can be used safely even in bridge mode. While bridge mode is enabled, the unit rear switch will be set to "WB".
Wireless Access Point
WAPM Series and WAPS Series: These products can be used safely as repeaters (WDS enabled).
Discontinued Products
Wireless Router WMR-433 Series and WMR-300/300S Series These products can be used safely in bridge mode.
WMR-433 updated, can be used in router mode
Workarounds
As soon as the affected products are identified, we will release firmware that patches the vulnerability.
Buffalo strongly recommends that you download the latest firmware as soon as possible after the fixed firmware becomes available.
For inquiries regarding this matter, please contact support@buffalotech.com.