CVE-2026-35506

ELECOM wireless LAN access point devices contain an OS command injection vulnerability in processing of pingipaddr parameter. If processing a crafted request sent by a logged-in user, an arbitrary OS command may be executed...

EUVD-2026-29942

Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...

EUVD-2026-29939

ELECOM wireless LAN access point devices contain an OS command injection vulnerability in processing of pingipaddr parameter. If processing a crafted request sent by a logged-in user, an arbitrary OS command may be executed...

EUVD-2026-29941

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...

CVE-2026-40621

ELECOM wireless LAN access point devices do not require authentication to access some specific URLs. The affected product may be operated without authentication...

CVE-2026-35506

ELECOM wireless LAN access point devices contain an OS command injection vulnerability in processing of pingipaddr parameter. If processing a crafted request sent by a logged-in user, an arbitrary OS command may be executed...

CVE-2026-42961

ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...

CVE-2026-42950

ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken...

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

ELECOM多款产品 跨站脚本漏洞

ELECOM WAB-MAT, among others, are products of the ELECOM company. ELECOM WAB-MAT is a management tool for enterprise access points. ELECOM WAB represents a series of wireless access points. ELECOM WAB-S300 is a wireless access point. Several ELECOM products have cross-site scripting...

PT-2026-40596

ELECOM wireless LAN access point devices contain an OS command injection vulnerability in processing of ping ip addr parameter. If processing a crafted request sent by a logged-in user, an arbitrary OS command may be executed...

CVE-2026-20086

A vulnerability in the processing of Control and Provisioning of Wireless Access Points CAPWAP packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...

Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the processing of Control and Provisioning of Wireless Access Points CAPWAP packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...

EUVD-2026-10002

Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution...

ELECOM多款产品 安全漏洞

ELECOM WAB-S600-PS, among others, are products from the Japanese company ELECOM. ELECOM WAB-S600-PS is a wireless access point. ELECOM WAB-S300 is also a wireless access point. ELECOM WAB-S733IW2-PD is a wireless access point device. Several of ELECOM’s products have security vulnerabilities; the...

Hikvision Wireless Access Points security vulnerabilities

Hikvision Wireless Access Points are wireless access point devices produced by the Chinese company Hikvision. There are security vulnerabilities in Hikvision Wireless Access Points, and these vulnerabilities stem from insufficient input validation, which may allow authenticated attackers to execu...

PT-2026-5390

Name of the Vulnerable Software and Affected Versions Hikvision Wireless Access Points affected versions not specified Description Hikvision Wireless Access Points are susceptible to authenticated command execution because of inadequate input validation. An attacker possessing valid credentials c...

CVE-2025-68459

RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...

CVE-2019-25226

Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/syssystemconfig management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. T...