Vulnerabilities > Elecom > WRC 1167Gs2H B Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-28 | CVE-2024-21798 | Cross-site Scripting vulnerability in Elecom products ELECOM wireless LAN routers contain a cross-site scripting vulnerability. | 4.8 |
2024-02-28 | CVE-2024-23910 | Cross-Site Request Forgery (CSRF) vulnerability in Elecom products Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. | 8.8 |
2022-03-31 | CVE-2022-25915 | Unspecified vulnerability in Elecom products Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to bypass access restriction and to access the management screen of the product via unspecified vectors. low complexity elecom | 8.8 |