Vulnerabilities > Elecom
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-30 | CVE-2024-34577 | Cross-site Scripting vulnerability in Elecom products Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, and WRC-X3000GS2A-B due to improper processing of input values in easysetup.cgi. | 6.1 |
2024-08-30 | CVE-2024-39300 | Missing Authentication for Critical Function vulnerability in Elecom Wab-I1750-Ps Firmware Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. | 3.7 |
2024-08-30 | CVE-2024-42412 | Cross-site Scripting vulnerability in Elecom Wab-I1750-Ps Firmware and Wab-S1167-Ps Firmware Cross-site scripting vulnerability exists in WAB-I1750-PS and WAB-S1167-PS due to improper processing of input values in menu.cgi. | 6.1 |
2024-08-01 | CVE-2024-40883 | Cross-Site Request Forgery (CSRF) vulnerability in Elecom products Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. | 8.8 |
2024-01-24 | CVE-2024-22372 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. | 6.8 |
2023-12-12 | CVE-2023-49695 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and earlier, and WRC-X3000GSA v1.0.24 and earlier allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command by sending a specially crafted request to the product. | 6.8 |
2023-11-16 | CVE-2023-43752 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in WRC-X3000GS2-W v1.05 and earlier, WRC-X3000GS2-B v1.05 and earlier, and WRC-X3000GS2A-B v1.05 and earlier allows a network-adjacent authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 8.0 |
2023-11-16 | CVE-2023-43757 | Inadequate Encryption Strength vulnerability in Elecom products Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. | 6.5 |
2023-08-18 | CVE-2023-32626 | Unspecified vulnerability in Elecom Lan-W300N/Pr5 Firmware and Lan-W300N/Rs Firmware Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. | 9.8 |
2023-08-18 | CVE-2023-35991 | Unspecified vulnerability in Elecom products Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. | 9.8 |