537 matches found
CVE-2022-25915
Improper access control vulnerability in ELECOM LAN routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior,...
CVE-2022-25915
Improper access control vulnerability in ELECOM LAN routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior,...
Improper access control
Improper access control vulnerability in ELECOM LAN routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior,...
CVE-2022-25915
CVE-2022-25915 affects ELECOM LAN routers and is an Improper access control vulnerability that lets a network-adjacent authenticated attacker bypass access restrictions and reach the device management screen via unspecified vectors. Affected devices include WRC-1167GST2, WRC-1167GST2A/H, WRC-2533...
CVE-2022-25915
Improper access control vulnerability in ELECOM LAN routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior,...
Elecom elecom lan 安全漏洞
ELECOM lan is a router from ELECOM Japan. A security vulnerability exists in elecom lan routers that allows network-adjacent authenticated attackers to bypass access restrictions and access the product's management screens via unspecified vectors. The following products and versions are affected:...
PT-2022-17602 · Elecom · Elecom Lan Routers
Name of the Vulnerable Software and Affected Versions: ELECOM LAN routers versions prior to v1.25 for WRC-1167GST2, WRC-1167GST2A, WRC-1167GST2H, WRC-2533GST2, WRC-2533GST2SP, WRC-2533GST2-G, and EDWRC-2533GST2 ELECOM LAN routers versions prior to v1.52 for WRC-2533GS2-B and WRC-2533GS2-W ELECOM...
CVE-2022-21799
Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors...
CVE-2022-21799
Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors...
CVE-2022-21799
Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors...
CVE-2022-21173
Hidden functionality vulnerability in ELECOM LAN routers WRH-300BK3 firmware v1.05 and earlier, WRH-300WH3 firmware v1.05 and earlier, WRH-300BK3-S firmware v1.05 and earlier, WRH-300DR3-S firmware v1.05 and earlier, WRH-300LB3-S firmware v1.05 and earlier, WRH-300PN3-S firmware v1.05 and earlier...
CVE-2022-21173
Hidden functionality vulnerability in ELECOM LAN routers WRH-300BK3 firmware v1.05 and earlier, WRH-300WH3 firmware v1.05 and earlier, WRH-300BK3-S firmware v1.05 and earlier, WRH-300DR3-S firmware v1.05 and earlier, WRH-300LB3-S firmware v1.05 and earlier, WRH-300PN3-S firmware v1.05 and earlier...
CVE-2022-21173
Hidden functionality vulnerability in ELECOM LAN routers WRH-300BK3 firmware v1.05 and earlier, WRH-300WH3 firmware v1.05 and earlier, WRH-300BK3-S firmware v1.05 and earlier, WRH-300DR3-S firmware v1.05 and earlier, WRH-300LB3-S firmware v1.05 and earlier, WRH-300PN3-S firmware v1.05 and earlier...
Design/Logic Flaw
Hidden functionality vulnerability in ELECOM LAN routers WRH-300BK3 firmware v1.05 and earlier, WRH-300WH3 firmware v1.05 and earlier, WRH-300BK3-S firmware v1.05 and earlier, WRH-300DR3-S firmware v1.05 and earlier, WRH-300LB3-S firmware v1.05 and earlier, WRH-300PN3-S firmware v1.05 and earlier...
Cross site scripting
Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors...
CVE-2022-21799
CVE-2022-21799 is a Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier. An attacker on the adjacent network can inject an arbitrary script via unspecified vectors, potentially affecting a logged-in user’s browser. The issue is documented with a confir...
CVE-2022-21799
Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors...
CVE-2022-21173
CVE-2022-21173 refers to a hidden functionality vulnerability in ELECOM LAN routers (WRH-300BK3/WRH-300WH3/WRH-300BK3-S/WRH-300DR3-S/WRH-300LB3-S/WRH-300PN3-S/WRH-300WH3-S/WRH-300YG3-S) with firmware versions 1.05 and earlier. The issue allows a network-adjacent attacker to execute an arbitrary O...
CVE-2022-21173
Hidden functionality vulnerability in ELECOM LAN routers WRH-300BK3 firmware v1.05 and earlier, WRH-300WH3 firmware v1.05 and earlier, WRH-300BK3-S firmware v1.05 and earlier, WRH-300DR3-S firmware v1.05 and earlier, WRH-300LB3-S firmware v1.05 and earlier, WRH-300PN3-S firmware v1.05 and earlier...
Multiple vulnerabilities in multiple ELECOM LAN routers
Overview Multiple ELECOM LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Hidden functionality CWE-912 - CVE-2022-21173 Cross-site scripting CWE-79 - CVE-2022-21799 CVE-2022-21173 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this...