CVE-2021-20644

ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page...

CVE-2021-20649

ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. Via a man-in-the-middle attack, an attacker may alter the communication response. As a result, an arbitrary OS command may be executed on the affected device...

CVE-2021-20862

Improper access control vulnerability in ELECOM routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior,...

CVE-2021-20853

ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors...

CVE-2021-20857

Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20860

Cross-site request forgery CSRF vulnerability in ELECOM LAN routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and...

CVE-2021-20855

Cross-site scripting vulnerability in ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20648

ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors...

CVE-2021-20852

Buffer overflow vulnerability in ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors...

CVE-2020-5634

ELECOM LAN routers WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions prior to v1.10 allow an attacker on the same network segment to execute arbitrary OS commands with a...

CVE-2023-39454

Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code...

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

PT-2024-30616 · Elecom · Elecom Wab-I1750-Ps +1

Name of the Vulnerable Software and Affected Versions: ELECOM WAB-I1750-PS version not specified ELECOM WAB-S1167-PS version not specified Description: A stack-based buffer overflow issue exists in ELECOM wireless access points. This issue can be triggered by processing a specially crafted HTTP...

CVE-2024-42412

Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser...

PT-2024-29933 · Elecom · Elecom Wireless Access Points

Name of the Vulnerable Software and Affected Versions: ELECOM wireless access points affected versions not specified WAB-I1750-PS affected versions not specified WAB-S1167-PS affected versions not specified Description: A cross-site scripting vulnerability exists due to improper processing of inp...

Multiple vulnerabilities in ELECOM wireless LAN routers and access points

Overview Multiple wireless LAN routers and access points provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Cross-site scripting vulnerability due to an improper processing of input values in easysetup.cgi and menu.cgi CWE-79 - CVE-2024-34577, CVE-2024-42412 Missing...

ELECOM多款产品 安全漏洞

ELECOM WRC-X3000GS2-W and others are products of ELECOM Corporation.ELECOM WRC-X3000GS2-W is a wireless router.ELECOM WRC-X3000GS2-B is a gigabit router.ELECOM WRC-X3000GS2A-B is a gigabit router. A security vulnerability exists in several ELECOM products, which originates from mishandling of inp...

ELECOM多款产品 跨站脚本漏洞

ELECOM WRC-X3000GS2-W and others are products of ELECOM Corporation.ELECOM WRC-X3000GS2-W is a wireless router.ELECOM WRC-X3000GS2-B is a gigabit router.ELECOM WRC-X3000GS2A-B is a gigabit router. A cross-site scripting vulnerability exists in various ELECOM products, which originates from the...

ELECOM多款产品 缓冲区错误漏洞

ELECOM WRC-X3000GS2-W and others are products of ELECOM.ELECOM WRC-X3000GS2-W is a wireless router.ELECOM WRC-X3000GS2-B is a gigabit router.ELECOM WRC-X3000GS2A-B is a gigabit router. A buffer error vulnerability exists in various ELECOM products that originates from the processing of specially...