17 matches found
CVE-2026-42961
ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
CVE-2026-40621
ELECOM wireless LAN access point devices do not require authentication to access some specific URLs. The affected product may be operated without authentication...
EUVD-2026-29942
Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...
EUVD-2026-29943
ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken...
CVE-2026-42950
ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken...
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
CVE-2026-42950
ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken...
CVE-2026-42948
Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
CVE-2026-35506
CVE-2026-35506 affects ELECOM wireless LAN access point devices. A vulnerability in the processing of the ping_ip_addr parameter allows an authenticated, logged-in user to inject and execute arbitrary OS commands, as described in the CVE entry. The issue is a command injection in the handling of ...
CVE-2026-25107
The CVE-2026-25107 entry concerns ELECOM wireless LAN access point devices that use a hard-coded cryptographic key when creating configuration backups. A knowledgeable attacker could tamper a product’s backup configuration file, and a victim administrator could be tricked into loading a crafted c...
CVE-2026-25107
ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...
PT-2026-40599
Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...
CVE-2026-24465
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution...
PT-2024-30616 · Elecom · Elecom Wab-I1750-Ps +1
Name of the Vulnerable Software and Affected Versions: ELECOM WAB-I1750-PS version not specified ELECOM WAB-S1167-PS version not specified Description: A stack-based buffer overflow issue exists in ELECOM wireless access points. This issue can be triggered by processing a specially crafted HTTP...