CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2024/02/20 12:0 a.m.•3 views

ELECOM wireless LAN routers security vulnerability

ELECOM wireless LAN routers are a series of routers from ELECOM Japan. A security vulnerability exists in ELECOM wireless LAN routers. An attacker could exploit the vulnerability to execute arbitrary operating system commands by sending specially crafted requests. The following products and...

6.8CVSS7.3AI score0.00838EPSS

Japan Vulnerability Notes•added 2024/02/20 12:0 a.m.•47 views

JVN#44166658: Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater

Multiple wireless LAN routers and wireless LAN repeater provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2024-21798 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.8 CVSS v2|...

8.8CVSS9.1AI score0.01289EPSS

Exploits0

CNNVD•added 2024/02/20 12:0 a.m.•31 views

ELECOM wireless LAN routers security vulnerability

ELECOM wireless LAN routers are a series of routers from ELECOM Japan. A security vulnerability exists in ELECOM wireless LAN routers that stems from the presence of a cross-site scripting XSS vulnerability that could execute arbitrary script on a web browser...

4.8CVSS6AI score0.01289EPSS

Japan Vulnerability Notes•added 2024/01/24 8:16 a.m.•2 views

ELECOM wireless LAN routers vulnerable to OS command injection

Overview Multiple ELECOM wireless LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact If a logged-in user with an administrative privilege...

6.8CVSS7.4AI score0.00822EPSS

Exploits0References6

OSV•added 2024/01/24 5:15 a.m.•6 views

CVE-2024-22372

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product...

6.8CVSS6.1AI score0.00822EPSS

ATTACKERKB•added 2024/01/24 5:15 a.m.•5 views

CVE-2024-22372

6.8CVSS7AI score0.00822EPSS

Exploits0References3Affected Software15

NVD•added 2024/01/24 5:15 a.m.•22 views

CVE-2024-22372

6.8CVSS7.2AI score0.00822EPSS

Prion•added 2024/01/24 5:15 a.m.•14 views

Command injection

4.7CVSS8.4AI score0.00822EPSS

Exploits0References2Affected Software5

Vulnrichment•added 2024/01/24 4:38 a.m.•4 views

CVE-2024-22372

6.8CVSS8.4AI score0.00822EPSS

CVE•added 2024/01/24 4:38 a.m.•42 views

CVE-2024-22372

ELECOM wireless LAN routers are affected by CVE-2024-22372: an OS command injection vulnerability that allows a network-adjacent attacker with administrative privileges to execute arbitrary OS commands via a specially crafted request. Connected sources specify affected models/versions (e.g., WRC-...

6.8CVSS7.1AI score0.00822EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/01/24 4:38 a.m.•24 views

CVE-2024-22372

6.8CVSS7.4AI score0.00822EPSS

CNNVD•added 2024/01/23 12:0 a.m.•2 views

ELECOM wireless LAN routers OS Command Injection Vulnerability

ELECOM wireless LAN routers are a family of routers from ELECOM Japan. The ELECOM wireless LAN routers are vulnerable to an operating system command injection vulnerability that stems from the presence of an operating system command injection vulnerability that could allow a network-adjacent...

6.8CVSS8AI score0.00822EPSS

Positive Technologies•added 2024/01/23 12:0 a.m.•5 views

PT-2024-19371 · Elecom · Elecom Wireless Lan Routers

Name of the Vulnerable Software and Affected Versions: ELECOM wireless LAN routers affected versions not specified Description: The issue allows a network-adjacent attacker with administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. This c...

6.8CVSS8.2AI score0.00822EPSS

Exploits0References6

Japan Vulnerability Notes•added 2023/12/13 6:6 a.m.•1 views

ELECOM wireless LAN routers vulnerable to OS command injection

Overview Multiple ELECOM wireless LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability CWE-78. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact If a logged-in user with an administrative...

6.8CVSS7.5AI score0.00862EPSS

CNNVD•added 2023/12/12 12:0 a.m.•4 views

ELECOM WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and, WRC-X3000GSA v1.0.24 and versions Security Vulnerabilities

The ELECOM WRC-X3000GS2-W and ELECOM WRC-X3000GSN are both wireless routers from ELECOM. A security vulnerability exists in the ELECOM WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and earlier, and WRC-X3000GSA v1.0.24 and earlier, which originated from a vulnerability that allows an attacker with...

6.8CVSS7.4AI score0.00862EPSS

NVD•added 2023/11/16 7:15 a.m.•20 views

CVE-2023-43757

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected...

6.5CVSS0.00496EPSS

Prion•added 2023/11/16 7:15 a.m.•15 views

Design/Logic Flaw

3.3CVSS7AI score0.00496EPSS