ELECOM WRC和ELECOM WAB 安全漏洞

ELECOM WRC and ELECOM WAB are products of the Japanese company ELECOM. ELECOM WRC is a home-use network camera. ELECOM WAB is a series of wireless access points. Both ELECOM WRC and ELECOM WAB have security vulnerabilities. These vulnerabilities stem from the use of hardcoded encryption keys to...

ELECOM多款产品 安全漏洞

ELECOM WAB-MAT, among others, are products of the ELECOM company. ELECOM WAB-MAT is a management tool for enterprise access points. ELECOM WAB represents a series of wireless access points. ELECOM WAB-S300 is a wireless access point. Several ELECOM products have security vulnerabilities; these...

EUVD-2023-26446

Malicious code in bioql PyPI...

MAL-2025-43099 Malicious code in @zalastax/nolb-_wab (npm)

The package @zalastax/nolb-wab was found to contain malicious code...

Malicious code in @zalastax/nolb-_wab (npm)

The package @zalastax/nolb-wab was found to contain malicious code...

CVE-2024-39300

Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings...

CVE-2023-22282

WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service...

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

CVE-2024-43689

CVE-2024-43689 describes a stack-based buffer overflow in ELECOM wireless access points/routers triggered by processing a crafted HTTP request, potentially enabling arbitrary code execution. Affected products and versions (per connected sources): WRC-X3000GS2-B/W/GS2A-B before 1.09; WAB-I1750-PS ...

CVE-2024-42412

Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser...

CVE-2024-39300

Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings...

CVE-2024-39300

Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings...

CVE-2024-39300

CVE-2024-39300 corresponds to a missing authentication vulnerability in the Telnet function of ELECOM WAB-I1750-PS (v1.5.10 and earlier). When Telnet is enabled, a remote attacker can log in without authentication and alter settings, potentially fully compromising the device. Public sources confi...

CVE-2024-42412

Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser...

CVE-2024-42412

Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser...

CVE-2024-42412

CVE-2024-42412 is a cross-site scripting vulnerability in ELECOM wireless access points caused by improper processing of input values in the menu.cgi script. The issue can allow an arbitrary script to run in a user’s browser when visiting a malicious page while authenticated to the device. Affect...

PT-2024-29933 · Elecom · Elecom Wireless Access Points

Name of the Vulnerable Software and Affected Versions: ELECOM wireless access points affected versions not specified WAB-I1750-PS affected versions not specified WAB-S1167-PS affected versions not specified Description: A cross-site scripting vulnerability exists due to improper processing of inp...

PT-2024-28426 · Unknown · Wab-I1750-Ps

Name of the Vulnerable Software and Affected Versions: WAB-I1750-PS versions 1.5.10 and earlier Description: A missing authentication vulnerability exists in the Telnet function of the product. When the Telnet function is enabled, a remote attacker may login to the product without authentication...