OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Note that WMC-X1800GST-B is also included in e-Mesh Starter Kit "WMC-2LX-B".
Metrics
Affected Vendors & Products
References
History
Tue, 03 Dec 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Elecom wrc-1167gst2 Firmware
Elecom wrc-2533gst2 Firmware |
|
CPEs | cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Elecom wrc-1167gst2 Firmware
Elecom wrc-2533gst2 Firmware |
Tue, 26 Nov 2024 08:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Elecom
Elecom wmc-x1800gst-b Firmware Elecom wrc-1167gs2-b Firmware Elecom wrc-1167gs2h-b Firmware Elecom wrc-2533gs2-b Firmware Elecom wrc-2533gs2-w Firmware Elecom wrc-2533gs2v-b Firmware Elecom wrc-g01-w Firmware Elecom wrc-x3200gst3-b Firmware |
|
CPEs | cpe:2.3:o:elecom:wmc-x1800gst-b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:elecom:wrc-1167gs2-b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:elecom:wrc-1167gs2h-b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:elecom:wrc-2533gs2v-b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Elecom
Elecom wmc-x1800gst-b Firmware Elecom wrc-1167gs2-b Firmware Elecom wrc-1167gs2h-b Firmware Elecom wrc-2533gs2-b Firmware Elecom wrc-2533gs2-w Firmware Elecom wrc-2533gs2v-b Firmware Elecom wrc-g01-w Firmware Elecom wrc-x3200gst3-b Firmware |
|
Metrics |
cvssV3_0
|
Wed, 28 Aug 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-78 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2024-02-28T23:08:49.598Z
Updated: 2024-12-03T17:10:28.400Z
Reserved: 2024-02-15T01:25:08.855Z
Link: CVE-2024-25579
Vulnrichment
Updated: 2024-08-01T23:44:09.653Z
NVD
Status : Awaiting Analysis
Published: 2024-02-28T23:15:09.660
Modified: 2024-11-26T08:15:04.400
Link: CVE-2024-25579
Redhat
No data.