Filtered by vendor Elecom Subscriptions

Search

Switch to Advanced Search (Beta)
Total 66 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-20646 1 Elecom 2 Wrc-300febk-a, Wrc-300febk-a Firmware 2024-11-21 6.5 Medium
Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.
CVE-2021-20645 1 Elecom 2 Wrc-300febk-a, Wrc-300febk-a Firmware 2024-11-21 5.4 Medium
Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors.
CVE-2021-20644 1 Elecom 2 Wrc-1467ghbk-a, Wrc-1467ghbk-a Firmware 2024-11-21 6.1 Medium
ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page.
CVE-2021-20643 1 Elecom 2 Ld-ps\/u1, Ld-ps\/u1 Firmware 2024-11-21 7.5 High
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request.
CVE-2020-5634 1 Elecom 8 Wrc-1167gst2, Wrc-1167gst2 Firmware, Wrc-1750gst2 and 5 more 2024-11-21 8.8 High
ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions prior to v1.10) allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors.
CVE-2024-39300 1 Elecom 2 Wab-i1750-ps, Wab-i1750-ps Firmware 2024-10-21 8.1 High
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings.