CVE-2025-36519

Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B,WRC-2533GS2-B v1.69 and earlier, WRC-2533GS2-W, WRC-1167GST2, WRC-1167GS2-B, and WRC-1167GS2H-B. If a specially crafted file is uploaded by a remote authenticated attacker,...

JVN#06672778: Multiple vulnerabilities in ELECOM wireless LAN routers

Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 6.8 CVE-2024-34021 OS Command Injection CWE-78...

ELECOM WRC-2533GS2V-B、WRC-2533GS2-B和WRC-2533GS2-W 安全漏洞

ELECOM WRC-2533GS2V-B and others are a wireless router from ELECOM Japan. A security vulnerability exists in v1.68 and earlier versions of the ELECOM WRC-2533GS2V-B, WRC-2533GS2-B, and WRC-2533GS2-W. The vulnerability stems from the possibility that a logged-in user with administrative privileges...

CVE-2024-23910

Cross-site request forgery CSRF vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B a...

Cross site scripting

ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious administrative user configures the affected product with specially crafted content. When another administrative user logs in and operates the product, an arbitrary script may be executed on the web...

CVE-2024-25579

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Note that WMC-X1800GST-B is also included in e-Mesh Starter Kit "WMC-2LX-B"...

CVE-2024-23910

Cross-site request forgery CSRF vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B a...

CVE-2024-21798

ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious administrative user configures the affected product with specially crafted content. When another administrative user logs in and operates the product, an arbitrary script may be executed on the web...

CVE-2024-21798

The CVE-2024-21798 issue affects ELECOM wireless LAN routers and repeater families. A cross-site scripting (XSS) vulnerability can be triggered when a malicious administrative user configures crafted content; when another admin logs in and operates the device, an arbitrary script may execute in t...

ELECOM wireless LAN routers security vulnerability

ELECOM wireless LAN routers are a series of routers from ELECOM Japan. A security vulnerability exists in ELECOM wireless LAN routers. An attacker could exploit the vulnerability to execute arbitrary operating system commands by sending specially crafted requests. The following products and...