Vulnerabilities > Elecom > WRC 1167Gs2H B Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-02-28 CVE-2024-21798 Cross-site Scripting vulnerability in Elecom products
ELECOM wireless LAN routers contain a cross-site scripting vulnerability.
network
low complexity
elecom CWE-79
4.8
2024-02-28 CVE-2024-23910 Cross-Site Request Forgery (CSRF) vulnerability in Elecom products
Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product.
network
low complexity
elecom CWE-352
8.8
2022-03-31 CVE-2022-25915 Unspecified vulnerability in Elecom products
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to bypass access restriction and to access the management screen of the product via unspecified vectors.
low complexity
elecom
8.8