537 matches found
CVE-2026-35506
ELECOM wireless LAN access point devices contain an OS command injection vulnerability in processing of pingipaddr parameter. If processing a crafted request sent by a logged-in user, an arbitrary OS command may be executed...
CVE-2026-25107
The CVE-2026-25107 entry concerns ELECOM wireless LAN access point devices that use a hard-coded cryptographic key when creating configuration backups. A knowledgeable attacker could tamper a product’s backup configuration file, and a victim administrator could be tricked into loading a crafted c...
CVE-2026-25107
ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...
CVE-2026-25107
ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...
CVE-2026-25107
ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...
ELECOM WRC和ELECOM WAB 安全漏洞
ELECOM WRC and ELECOM WAB are products of the Japanese company ELECOM. ELECOM WRC is a home-use network camera. ELECOM WAB is a series of wireless access points. Both ELECOM WRC and ELECOM WAB have security vulnerabilities. These vulnerabilities stem from the use of hardcoded encryption keys to...
ELECOM WRC 操作系统命令注入漏洞
ELECOM WRC is a home-use network camera produced by the Japanese company ELECOM. The ELECOM WRC has a vulnerability related to OS command injection. This vulnerability stems from an OS command injection flaw during the processing of the pingipaddr parameter, which may allow arbitrary OS commands ...
ELECOM多款产品 安全漏洞
ELECOM WRC-BE72XSD-B is a wireless router produced by the ELECOM company. Several ELECOM products have security vulnerabilities. This vulnerability stems from the ability to access specific URLs without authentication, which may allow devices to be operated without proper authorization. The...
ELECOM多款产品 跨站脚本漏洞
ELECOM WAB-MAT, among others, are products of the ELECOM company. ELECOM WAB-MAT is a management tool for enterprise access points. ELECOM WAB represents a series of wireless access points. ELECOM WAB-S300 is a wireless access point. Several ELECOM products have cross-site scripting...
ELECOM多款产品 安全漏洞
ELECOM WAB-MAT, among others, are products of the ELECOM company. ELECOM WAB-MAT is a management tool for enterprise access points. ELECOM WAB represents a series of wireless access points. ELECOM WAB-S300 is a wireless access point. Several ELECOM products have security vulnerabilities; these...
PT-2026-40596
ELECOM wireless LAN access point devices contain an OS command injection vulnerability in processing of ping ip addr parameter. If processing a crafted request sent by a logged-in user, an arbitrary OS command may be executed...
PT-2026-40600
ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken...
PT-2026-40598
Name of the Vulnerable Software and Affected Versions ELECOM wireless LAN access point devices affected versions not specified Description An OS command injection exists in the processing of the username parameter. This allows an unauthenticated attacker to execute arbitrary OS commands by sendin...
PT-2026-40593
ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...
PT-2026-40599
Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...
ELECOM多款产品 操作系统命令注入漏洞
ELECOM WRC, etc. are products of the Japanese ELECOM company. ELECOM WRC is a home-use network camera. ELECOM WRC-X1500GSA-B is a wireless router. ELECOM WRC-BE36QS-B is also a wireless router. Several ELECOM products have vulnerabilities related to OS command injection. These vulnerabilities ste...
Multiple vulnerabilities in ELECOM wireless LAN routers and access points (May 2026)
Overview Multiple wireless LAN routers and access points provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Use of Hard-coded Cryptographic Key in creating backup of configuration files CWE-321 - CVE-2026-25107 OS command injection in processing of pingipaddr parameter...
EUVD-2026-10002
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution...
CVE-2026-24465
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution...
CVE-2026-24465
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution...