Filtered by vendor Elecom
Subscribe
Total
60 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20858 | 1 Elecom | 2 Wrc-2533ghbk-i, Wrc-2533ghbk-i Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2021-20857 | 1 Elecom | 2 Wrc-2533ghbk-i, Wrc-2533ghbk-i Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2021-20856 | 1 Elecom | 4 Wrh-733gbk, Wrh-733gbk Firmware, Wrh-733gwh and 1 more | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2021-20855 | 1 Elecom | 4 Wrh-733gbk, Wrh-733gbk Firmware, Wrh-733gwh and 1 more | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2021-20854 | 1 Elecom | 4 Wrh-733gbk, Wrh-733gbk Firmware, Wrh-733gwh and 1 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
| ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2021-20853 | 1 Elecom | 4 Wrh-733gbk, Wrh-733gbk Firmware, Wrh-733gwh and 1 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
| ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2021-20852 | 1 Elecom | 4 Wrh-733gbk, Wrh-733gbk Firmware, Wrh-733gwh and 1 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
| Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors. | |||||
| CVE-2021-20739 | 1 Elecom | 22 Wrc-300febk, Wrc-300febk Firmware, Wrc-733febk and 19 more | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S all versions allows an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors. | |||||
| CVE-2021-20738 | 1 Elecom | 6 Wrc-1167fs-b, Wrc-1167fs-b Firmware, Wrc-1167fs-w and 3 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| WRC-1167FS-W, WRC-1167FS-B, and WRC-1167FSA all versions allow an unauthenticated network-adjacent attacker to obtain sensitive information via unspecified vectors. | |||||
| CVE-2021-20651 | 1 Elecom | 1 File Manager | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors. | |||||
| CVE-2021-20650 | 1 Elecom | 2 Ncc-ewf100rmwh2, Ncc-ewf100rmwh2 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RMWH2 allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started. | |||||
| CVE-2021-20649 | 1 Elecom | 2 Wrc-300febk-s, Wrc-300febk-s Firmware | 2024-11-21 | 5.8 MEDIUM | 4.8 MEDIUM |
| ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. Via a man-in-the-middle attack, an attacker may alter the communication response. As a result, an arbitrary OS command may be executed on the affected device. | |||||
| CVE-2021-20648 | 1 Elecom | 2 Wrc-300febk-s, Wrc-300febk-s Firmware | 2024-11-21 | 7.7 HIGH | 6.8 MEDIUM |
| ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2021-20647 | 1 Elecom | 2 Wrc-300febk-s, Wrc-300febk-s Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started. | |||||
| CVE-2021-20646 | 1 Elecom | 2 Wrc-300febk-a, Wrc-300febk-a Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started. | |||||
| CVE-2021-20645 | 1 Elecom | 2 Wrc-300febk-a, Wrc-300febk-a Firmware | 2024-11-21 | 4.3 MEDIUM | 5.4 MEDIUM |
| Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors. | |||||
| CVE-2021-20644 | 1 Elecom | 2 Wrc-1467ghbk-a, Wrc-1467ghbk-a Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page. | |||||
| CVE-2021-20643 | 1 Elecom | 2 Ld-ps\/u1, Ld-ps\/u1 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request. | |||||
| CVE-2020-5634 | 1 Elecom | 8 Wrc-1167gst2, Wrc-1167gst2 Firmware, Wrc-1750gst2 and 5 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions prior to v1.10) allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors. | |||||
| CVE-2024-39300 | 1 Elecom | 2 Wab-i1750-ps, Wab-i1750-ps Firmware | 2024-09-03 | N/A | 3.7 LOW |
| Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings. | |||||