Description

OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the affected product by a logged-in user with an administrative privilege to execute an arbitrary OS command.

Related CPE's

Could not find any relations

References

https://jvn.jp/en/jp/JVN06672778/

https://www.elecom.co.jp/news/security/20240730-01/

Weaknesses

[email protected]

Secondary
CWE-78

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary
CWE-78

CVSS impact metrics

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.8 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Awaiting analysis

Published

2024-08-01T00:15:01.950Z

1 year ago

Last modified

2025-02-17T05:15:12.527Z

1 year ago