Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-21	CVE-2024-43689	Out-of-bounds Write vulnerability in Elecom Wab-I1750-Ps Firmware and Wab-S1167-Ps Firmware Stack-based buffer overflow vulnerability exists in WAB-I1750-PS and WAB-S1167-PS. network low complexity elecom CWE-787 critical	9.8
2023-08-18	CVE-2023-32626	Unspecified vulnerability in Elecom Lan-W300N/Pr5 Firmware and Lan-W300N/Rs Firmware Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. network low complexity elecom critical	9.8
2023-08-18	CVE-2023-35991	Unspecified vulnerability in Elecom products Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. network low complexity elecom critical	9.8
2023-08-18	CVE-2023-39454	Classic Buffer Overflow vulnerability in Elecom products Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code. network low complexity elecom CWE-120 critical	9.8
2023-08-18	CVE-2023-40069	OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. network low complexity elecom CWE-78 critical	9.8
2023-07-13	CVE-2023-37567	Command Injection vulnerability in Elecom Wrc-1167Ghbk3-A Firmware Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a remote unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port of the web management page. network low complexity elecom CWE-77 critical	9.8