All products running on Buffalo firmware are safe from the ‘Heartbleed’ bug. Buffalo’s LinkStation and TeraStation NAS products are completely unaffected by the bug, the same applies for all current Buffalo AirStation Router models and all routers working with Buffalo Technology firmware. For three old Buffalo routers running on DD-WRT firmware the settings should be checked to see if they could be at risk.
The ‘Heartbleed’ bug in OpenSSL versions 1.0.1 through 1.0.1f (inclusive) can detect passwords and user credentials from various systems and websites. Buffalo Technology confirms its Network Attached Storage (NAS) customers are completely safe from the Heartbleed bug.
Klaas de Vos, COO, Buffalo Europe states: “Our Japanese software engineers are extremely conservative regarding security aspects. When the new ‘heart beat’ extension was launched for Open SSL they decided not to use it. This turned out to be a good choice.”
We confirm that all current ‘AirStation’ router models and all older models running on Buffalo firmware are safe. However, users that run DDW-RT firmware on the AirStation WZR-HP-G300NH2, WZR-HP-G450H or WZR-HP-AG300H and don’t use the standard settings, may potentially be at risk. If you have manually activated ‘Open VPN’, please check out this page for updates. All three models are End of Life and not being sold anymore.