Vulnerabilities > Elecom > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-30 | CVE-2024-39300 | Missing Authentication for Critical Function vulnerability in Elecom Wab-I1750-Ps Firmware Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. | 3.7 |
| 2022-02-08 | CVE-2022-21799 | Cross-site Scripting vulnerability in Elecom Wrc-300Febk-R Firmware Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors. | 2.9 |
| 2021-12-01 | CVE-2021-20862 | Incorrect Authorization vulnerability in Elecom products Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent unauthenticated attacker to bypass access restriction, and to obtain anti-CSRF tokens and change the product's settings via unspecified vectors. | 3.3 |
| 2021-12-01 | CVE-2021-20858 | Cross-site Scripting vulnerability in Elecom Wrc-2533Ghbk-I Firmware Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | 3.5 |
| 2021-12-01 | CVE-2021-20857 | Cross-site Scripting vulnerability in Elecom Wrc-2533Ghbk-I Firmware Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | 3.5 |
| 2021-12-01 | CVE-2021-20856 | Cross-site Scripting vulnerability in Elecom Wrh-733Gbk Firmware and Wrh-733Gwh Firmware Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | 3.5 |
| 2021-12-01 | CVE-2021-20855 | Cross-site Scripting vulnerability in Elecom Wrh-733Gbk Firmware and Wrh-733Gwh Firmware Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | 3.5 |
| 2021-07-07 | CVE-2021-20738 | Unspecified vulnerability in Elecom products WRC-1167FS-W, WRC-1167FS-B, and WRC-1167FSA all versions allow an unauthenticated network-adjacent attacker to obtain sensitive information via unspecified vectors. low complexity elecom | 3.3 |