CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
24.8%
Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected product with an administrative privilege, the user may be directed to perform unintended operations such as changing the login ID, login password, etc.
Vendor | Product | Version | CPE |
---|---|---|---|
elecom | wrc-2533gs2-b_firmware | * | cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:* |
elecom | wrc-2533gs2-b | - | cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:* |
elecom | wrc-2533gs2-w_firmware | * | cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:* |
elecom | wrc-2533gs2-w | - | cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:* |
elecom | wrc-2533gs2v-b_firmware | * | cpe:2.3:o:elecom:wrc-2533gs2v-b_firmware:*:*:*:*:*:*:*:* |
elecom | wrc-2533gs2v-b | - | cpe:2.3:h:elecom:wrc-2533gs2v-b:-:*:*:*:*:*:*:* |
elecom | wrc-x6000xs-g_firmware | * | cpe:2.3:o:elecom:wrc-x6000xs-g_firmware:*:*:*:*:*:*:*:* |
elecom | wrc-x6000xs-g | - | cpe:2.3:h:elecom:wrc-x6000xs-g:-:*:*:*:*:*:*:* |
elecom | wrc-x1500gs-b_firmware | * | cpe:2.3:o:elecom:wrc-x1500gs-b_firmware:*:*:*:*:*:*:*:* |
elecom | wrc-x1500gs-b | * | cpe:2.3:h:elecom:wrc-x1500gs-b:*:*:*:*:*:*:*:* |