CVE-2025-41427

WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in Connection Diagnostics page. If a remote authenticated attacker sends a specially crafted request to the affected product, an arbitrary ...

PT-2025-26693 · Unknown · Wrc-X3000Gs

Name of the Vulnerable Software and Affected Versions: WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN affected versions not specified Description: The issue is related to an improper neutralization of special elements used in an OS command, also known as 'OS Command Injection'. This occurs in the...

Elecom多款产品 操作系统命令注入漏洞

Elecom WRC-X3000GS and others are a router from Elecom Japan. An operating system command injection vulnerability exists in the Elecom WRC-X3000GS, Elecom WRC-X3000GSA, and Elecom WRC-X3000GSN, which stems from a Connection Diagnostics page command injection leading to arbitrary OS command...

CVE-2023-49695

OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and earlier, and WRC-X3000GSA v1.0.24 and earlier allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command by sending a specially crafted request to the product...

CVE-2023-49695

CVE-2023-49695 affects ELECOM WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and earlier, and WRC-X3000GSA v1.0.24 and earlier. The issue is an OS command injection that can be triggered by a network-adjacent attacker with administrative privileges via a specially crafted request to the product. Multip...

CVE-2023-49695

OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and earlier, and WRC-X3000GSA v1.0.24 and earlier allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command by sending a specially crafted request to the product...