EUVD-2026-29941

🗓️ 13 May 2026 18:30:52Reported by EUVDType

ELECOM wireless access points have an OS command injection in username handling, causing command execution without authentication.

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2026-42062	13 May 202612:01	–	attackerkb
Circl	CVE-2026-42062	11 May 202622:00	–	circl
CNNVD	ELECOM多款产品操作系统命令注入漏洞	13 May 202600:00	–	cnnvd
CVE	CVE-2026-42062	13 May 202612:01	–	cve
Cvelist	CVE-2026-42062	13 May 202612:01	–	cvelist
Japan Vulnerability Notes	Multiple vulnerabilities in ELECOM wireless LAN routers and access points (May 2026)	12 May 202606:16	–	jvn
NVD	CVE-2026-42062	13 May 202613:16	–	nvd
Positive Technologies	PT-2026-40598	13 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-42062	5 Jun 202619:16	–	redhatcve
Vulnrichment	CVE-2026-42062	13 May 202612:01	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "4bc3175e-e182-3f45-bdd8-a65648fad43c",
        "vendor": {
          "name": "ELECOM CO.,LTD."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0f6d6a65-2ad1-3afa-859b-df13d56db215",
        "product": {
          "name": "WRC-W702-B"
        },
        "product_version": "v1.1.0 and earlier"
      },
      {
        "id": "61e57928-fa65-3201-841f-80653b96fae2",
        "product": {
          "name": "WRC-BE72XSD-B"
        },
        "product_version": "v1.1.1 and earlier"
      },
      {
        "id": "f6a6998c-da7b-349c-98ee-6eb99f849193",
        "product": {
          "name": "WRC-BE65QSD-B"
        },
        "product_version": "v1.1.0 and earlier"
      },
      {
        "id": "f7c5a59b-9c25-37fa-9f57-008d6608ef1e",
        "product": {
          "name": "WRC-BE72XSD-BA"
        },
        "product_version": "v1.1.1 and earlier"
      }
    ]
  }
]

Source	Link
elecom	www.elecom.co.jp/news/security/20260512-01/
jvn	www.jvn.jp/en/jp/JVN03037325/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-42062

13 May 2026 18:30Current

7.4High risk

Vulners AI Score7.4

CVSS 49.3

CVSS 39.8

EPSS0.01633

SSVC