Vulnerabilities > Elecom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-24 | CVE-2024-22372 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. | 6.8 |
| 2023-12-12 | CVE-2023-49695 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and earlier, and WRC-X3000GSA v1.0.24 and earlier allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command by sending a specially crafted request to the product. | 6.8 |
| 2023-11-16 | CVE-2023-43752 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in WRC-X3000GS2-W v1.05 and earlier, WRC-X3000GS2-B v1.05 and earlier, and WRC-X3000GS2A-B v1.05 and earlier allows a network-adjacent authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 8.0 |
| 2023-11-16 | CVE-2023-43757 | Inadequate Encryption Strength vulnerability in Elecom products Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. | 6.5 |
| 2023-08-18 | CVE-2023-32626 | Unspecified vulnerability in Elecom Lan-W300N/Pr5 Firmware and Lan-W300N/Rs Firmware Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. | 9.8 |
| 2023-08-18 | CVE-2023-35991 | Unspecified vulnerability in Elecom products Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. | 9.8 |
| 2023-08-18 | CVE-2023-38132 | Unspecified vulnerability in Elecom Lan-W451Ngr Firmware LAN-W451NGR all versions provided by LOGITEC CORPORATION contains an improper access control vulnerability, which allows an unauthenticated attacker to log in to telnet service. low complexity elecom | 8.8 |
| 2023-08-18 | CVE-2023-38576 | Unspecified vulnerability in Elecom Lan-Wh300N/Re Firmware Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console. low complexity elecom | 8.0 |
| 2023-08-18 | CVE-2023-39445 | Unspecified vulnerability in Elecom products Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an unauthenticated attacker to execute arbitrary code by sending a specially crafted file to the product's certain management console. low complexity elecom | 8.8 |
| 2023-08-18 | CVE-2023-39454 | Classic Buffer Overflow vulnerability in Elecom products Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code. | 9.8 |