CVE-2025-48890

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be...

CVE-2025-43879

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in the telnet function. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be execut...

CVE-2025-48890

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be...

CVE-2025-43879

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in the telnet function. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be execut...

CVE-2025-48890

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be...

CVE-2025-43879

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in the telnet function. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be execut...

CVE-2025-43879

WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in the telnet function. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be execut...

CVE-2025-43879

CVE-2025-43879 concerns Elecom WRH-733GBK and WRH-733GWH, where the telnet function sustains an OS command injection allowing a remote unauthenticated attacker to execute arbitrary OS commands. Several connected sources corroborate OS command injection in the telnet component for these models, wi...

PT-2025-26695 · Unknown · Wrh-733Gbk +1

Name of the Vulnerable Software and Affected Versions: WRH-733GBK and WRH-733GWH affected versions not specified Description: The issue is related to an improper neutralization of special elements used in an OS command, also known as 'OS Command Injection', in the telnet function. A remote...

Elecom WRH-733GBK和Elecom WRH-733GWH 操作系统命令注入漏洞

The Elecom WRH-733GBK and Elecom WRH-733GWH are both portable routers from Elecom Japan. The Elecom WRH-733GBK and Elecom WRH-733GWH suffer from an operating system command injection vulnerability that stems from telnet function command injection leading to arbitrary OS command execution...

PT-2025-26696 · Unknown · Wrh-733Gbk +1

Name of the Vulnerable Software and Affected Versions: WRH-733GBK and WRH-733GWH affected versions not specified Description: The issue is related to an improper neutralization of special elements used in an OS command, also known as 'OS Command Injection', in the miniigd SOAP service. A remote...

Elecom WRH-733GBK和Elecom WRH-733GWH 操作系统命令注入漏洞

The Elecom WRH-733GBK and Elecom WRH-733GWH are both portable routers from Elecom Japan. The Elecom WRH-733GBK and Elecom WRH-733GWH suffer from an operating system command injection vulnerability that stems from improper neutralization of special elements in the miniigd SOAP service, which could...

CVE-2021-20854

ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors...

CVE-2021-20856

Cross-site scripting vulnerability in ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20856

Cross-site scripting vulnerability in ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20852

Buffer overflow vulnerability in ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors...

CVE-2021-20855

Cross-site scripting vulnerability in ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20852

Buffer overflow vulnerability in ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors...

CVE-2021-20856

CVE-2021-20856 is a Cross-site scripting (CWE-79) vulnerability in ELECOM LAN routers. The affected devices are WRH-733GBK firmware v1.02.9 and earlier and WRH-733GWH firmware v1.02.9 and earlier. The vulnerability allows a remote authenticated attacker to inject an arbitrary script via unspecifi...

CVE-2021-20855

CVE-2021-20855 is an XSS vulnerability in ELECOM LAN routers. It affects WRH-733GBK (firmware v1.02.9 and earlier) and WRH-733GWH (v1.02.9 and earlier). The issue allows a remote authenticated attacker to inject arbitrary script via unspecified vectors, potentially impacting users’ browsers. Affe...