Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2024-22372
HistoryJan 24, 2024 - 4:38 a.m.

CVE-2024-22372

2024-01-2404:38:20
jpcert
www.cve.org
5
elecom
wireless lan routers
os command injection
vulnerability
cve-2024-22372
network-adjacent attacker
administrative privilege
arbitrary os commands
specially crafted request
affected products
versions

AI Score

7.4

Confidence

High

EPSS

0

Percentile

9.6%

JSON

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product.

CNA Affected

[
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X1800GS-B",
    "versions": [
      {
        "version": "v1.17 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X1800GSA-B",
    "versions": [
      {
        "version": "v1.17 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X1800GSH-B",
    "versions": [
      {
        "version": "v1.17 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X6000XS-G",
    "versions": [
      {
        "version": "v1.09",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X6000XST-G",
    "versions": [
      {
        "version": "v1.12 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X1500GS-B",
    "versions": [
      {
        "version": "v1.11 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X1500GSA-B",
    "versions": [
      {
        "version": "v1.11 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X3000GS2-B",
    "versions": [
      {
        "version": "v1.08 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X3000GS2-W",
    "versions": [
      {
        "version": "v1.08 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "ELECOM CO.,LTD.",
    "product": "WRC-X3000GS2A-B",
    "versions": [
      {
        "version": "v1.08 and earlier",
        "status": "affected"
      }
    ]
  }
]

Related

prion 1
cve 1
nvd 1
prion
prion
Command injection
2024-01-24 05:15:00
cve
cve
CVE-2024-22372
2024-01-24 05:15:14
nvd
nvd
CVE-2024-22372
2024-01-24 05:15:14

AI Score

7.4

Confidence

High

EPSS

0

Percentile

9.6%

JSON
Related for CVELIST:CVE-2024-22372
prion1cve1nvd1