Vulnerabilities > Elecom
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-18 | CVE-2023-39455 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 8.8 |
2023-08-18 | CVE-2023-39944 | OS Command Injection vulnerability in Elecom Wrc-1750Ghbk Firmware and Wrc-F1167Acf Firmware OS command injection vulnerability in WRC-F1167ACF all versions, and WRC-1750GHBK all versions allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. | 8.8 |
2023-08-18 | CVE-2023-40069 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. | 9.8 |
2023-08-18 | CVE-2023-40072 | OS Command Injection vulnerability in Elecom Wab-S300 Firmware and Wab-S600-Ps Firmware OS command injection vulnerability in ELECOM network devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 8.8 |
2023-07-13 | CVE-2023-37564 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary OS command with a root privilege by sending a specially crafted request. | 8.0 |
2023-07-13 | CVE-2023-37565 | Code Injection vulnerability in Elecom products Code injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute arbitrary code by sending a specially crafted request. | 8.0 |
2023-07-13 | CVE-2023-37562 | Cross-Site Request Forgery (CSRF) vulnerability in Elecom Wtc-C1167Gc-B Firmware and Wtc-C1167Gc-W Firmware Cross-site request forgery (CSRF) vulnerability in exists in WTC-C1167GC-B v1.17 and earlier, and WTC-C1167GC-W v1.17 and earlier. | 8.8 |
2023-07-13 | CVE-2023-37563 | Unspecified vulnerability in Elecom products ELECOM wireless LAN routers are vulnerable to sensitive information exposure, which allows a network-adjacent unauthorized attacker to obtain sensitive information. low complexity elecom | 6.5 |
2023-07-13 | CVE-2023-37560 | Cross-site Scripting vulnerability in Elecom Wrh-300Wh-H Firmware and Wtc-300Hwh Firmware Cross-site scripting vulnerability in WRH-300WH-H v2.12 and earlier, and WTC-300HWH v1.09 and earlier allows a remote unauthenticated attacker to inject an arbitrary script. | 6.1 |
2023-07-13 | CVE-2023-37561 | Open Redirect vulnerability in Elecom products Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 6.1 |