Vulnerabilities > Elecom > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-01 | CVE-2024-40883 | Cross-Site Request Forgery (CSRF) vulnerability in Elecom products Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. | 8.8 |
| 2023-11-16 | CVE-2023-43752 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in WRC-X3000GS2-W v1.05 and earlier, WRC-X3000GS2-B v1.05 and earlier, and WRC-X3000GS2A-B v1.05 and earlier allows a network-adjacent authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 8.0 |
| 2023-08-18 | CVE-2023-38132 | Unspecified vulnerability in Elecom Lan-W451Ngr Firmware LAN-W451NGR all versions provided by LOGITEC CORPORATION contains an improper access control vulnerability, which allows an unauthenticated attacker to log in to telnet service. low complexity elecom | 8.8 |
| 2023-08-18 | CVE-2023-38576 | Unspecified vulnerability in Elecom Lan-Wh300N/Re Firmware Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console. low complexity elecom | 8.0 |
| 2023-08-18 | CVE-2023-39445 | Unspecified vulnerability in Elecom products Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an unauthenticated attacker to execute arbitrary code by sending a specially crafted file to the product's certain management console. low complexity elecom | 8.8 |
| 2023-08-18 | CVE-2023-39455 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 8.8 |
| 2023-08-18 | CVE-2023-39944 | OS Command Injection vulnerability in Elecom Wrc-1750Ghbk Firmware and Wrc-F1167Acf Firmware OS command injection vulnerability in WRC-F1167ACF all versions, and WRC-1750GHBK all versions allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. | 8.8 |
| 2023-08-18 | CVE-2023-40072 | OS Command Injection vulnerability in Elecom Wab-S300 Firmware and Wab-S600-Ps Firmware OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. | 8.8 |
| 2023-07-13 | CVE-2023-37564 | OS Command Injection vulnerability in Elecom products OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary OS command with a root privilege by sending a specially crafted request. | 8.0 |
| 2023-07-13 | CVE-2023-37565 | Code Injection vulnerability in Elecom products Code injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute arbitrary code by sending a specially crafted request. | 8.0 |