CVE-2024-40883
- EPSS 0.23%
- Veröffentlicht 01.08.2024 02:15:02
- Zuletzt bearbeitet 26.11.2024 09:15:06
Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected product with an administrative privilege, the user may be directed to perform unintended operations such as chan...
CVE-2024-34021
- EPSS 0.08%
- Veröffentlicht 01.08.2024 02:15:01
- Zuletzt bearbeitet 26.11.2024 09:15:06
Unrestricted upload of file with dangerous type vulnerability exists in ELECOM wireless LAN routers. A specially crafted file may be uploaded to the affected product by a logged-in user with an administrative privilege, resulting in an arbitrary OS c...
CVE-2024-21798
- EPSS 0.39%
- Veröffentlicht 28.02.2024 23:15:09
- Zuletzt bearbeitet 14.02.2025 15:32:23
ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious administrative user configures the affected product with specially crafted content. When another administrative user logs in and operates the product, a...
CVE-2024-23910
- EPSS 0.21%
- Veröffentlicht 28.02.2024 23:15:09
- Zuletzt bearbeitet 22.04.2025 16:15:43
Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected prod...
CVE-2024-25579
- EPSS 0.04%
- Veröffentlicht 28.02.2024 23:15:09
- Zuletzt bearbeitet 26.11.2024 08:15:04
OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Note that WMC-X1800GST-B is ...