Vulnerabilities > Elecom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-13 | CVE-2023-37565 | Code Injection vulnerability in Elecom products Code injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute arbitrary code by sending a specially crafted request. | 8.0 |
| 2023-07-13 | CVE-2023-37562 | Cross-Site Request Forgery (CSRF) vulnerability in Elecom Wtc-C1167Gc-B Firmware and Wtc-C1167Gc-W Firmware Cross-site request forgery (CSRF) vulnerability in exists in WTC-C1167GC-B v1.17 and earlier, and WTC-C1167GC-W v1.17 and earlier. | 8.8 |
| 2023-07-13 | CVE-2023-37563 | Unspecified vulnerability in Elecom products ELECOM wireless LAN routers are vulnerable to sensitive information exposure, which allows a network-adjacent unauthorized attacker to obtain sensitive information. low complexity elecom | 6.5 |
| 2023-07-13 | CVE-2023-37560 | Cross-site Scripting vulnerability in Elecom Wrh-300Wh-H Firmware and Wtc-300Hwh Firmware Cross-site scripting vulnerability in WRH-300WH-H v2.12 and earlier, and WTC-300HWH v1.09 and earlier allows a remote unauthenticated attacker to inject an arbitrary script. | 6.1 |
| 2023-07-13 | CVE-2023-37561 | Open Redirect vulnerability in Elecom products Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 6.1 |
| 2023-07-13 | CVE-2023-37566 | Command Injection vulnerability in Elecom Wrc-1167Febk-A Firmware and Wrc-1167Ghbk3-A Firmware Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary command by sending a specially crafted request to the web management page. | 8.0 |
| 2023-07-13 | CVE-2023-37567 | Command Injection vulnerability in Elecom Wrc-1167Ghbk3-A Firmware Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a remote unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port of the web management page. | 9.8 |
| 2023-07-13 | CVE-2023-37568 | Command Injection vulnerability in Elecom Wrc-1167Gebk-S Firmware and Wrc-1167Ghbk-S Firmware ELECOM wireless LAN routers WRC-1167GHBK-S v1.03 and earlier, and WRC-1167GEBK-S v1.03 and earlier allow a network-adjacent authenticated attacker to execute an arbitrary command by sending a specially crafted request to the web management page. | 8.0 |
| 2023-04-11 | CVE-2023-22282 | Unquoted Search Path or Element vulnerability in Elecom Wab-Mat 5.0.0.8 WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. | 7.3 |
| 2023-02-15 | CVE-2023-22368 | Untrusted Search Path vulnerability in Elecom Camera Assistant and Quickfiledealer Untrusted search path vulnerability in ELECOM Camera Assistant 1.00 and QuickFileDealer Ver.1.2.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |