Search

Find a vulnerability

Search criteria

    11 vulnerabilities found for WSC-X1800GS-B by ELECOM CO.,LTD.

    CVE-2024-29225 (GCVE-0-2024-29225)

    Vulnerability from nvd – Published: 2024-04-04 00:04 – Updated: 2026-05-12 08:11
    VLAI
    Summary
    ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-29225",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-04T15:43:13.301844Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-552",
                    "description": "CWE-552 Files or Directories Accessible to External Parties",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-27T20:51:09.291Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:10:54.663Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20240326-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU95381465/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-X3200GST3-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.25 and earlier"
                }
              ]
            },
            {
              "product": "WRC-G01-W",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.24 and earlier"
                }
              ]
            },
            {
              "product": "WMC-2LX-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WMC-X1800GST-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WSC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en-US",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-12T08:11:07.494Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20240326-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU95381465/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-29225",
        "datePublished": "2024-04-04T00:04:52.089Z",
        "dateReserved": "2024-03-19T02:32:15.110Z",
        "dateUpdated": "2026-05-12T08:11:07.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-26258 (GCVE-0-2024-26258)

    Vulnerability from nvd – Published: 2024-04-04 00:03 – Updated: 2026-05-12 08:10
    VLAI
    Summary
    OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with credentials to execute arbitrary OS commands by sending a specially crafted request to the product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • OS command injection
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    ELECOM CO.,LTD. WRC-X3200GST3-B Affected: v1.25 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-G01-W Affected: v1.24 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GST2 Affected: v1.32 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GST2 Affected: v1.30 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-2LX-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-X1800GST-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WSC-X1800GS-B Affected: v1.42 and earlier
    Create a notification for this product.
    elecom wrc-x3200gst3-b_firmware Affected: 0 , ≤ 1.25 (custom)
        cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-g01-w_firmware Affected: 0 , ≤ 1.24 (custom)
        cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x3200gst3-b_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThanOrEqual": "1.25",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-g01-w_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThanOrEqual": "1.24",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-26258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-04T13:12:52.810342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-20T15:22:40.714Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T00:07:19.139Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20240326-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU95381465/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-X3200GST3-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.25 and earlier"
                }
              ]
            },
            {
              "product": "WRC-G01-W",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.24 and earlier"
                }
              ]
            },
            {
              "product": "WRC-1167GST2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.32 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GST2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.30 and earlier"
                }
              ]
            },
            {
              "product": "WMC-2LX-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WMC-X1800GST-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WSC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with credentials to execute arbitrary OS commands by sending a specially crafted request to the product."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en-US",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-12T08:10:53.382Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20240326-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU95381465/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-26258",
        "datePublished": "2024-04-04T00:03:41.930Z",
        "dateReserved": "2024-03-19T02:32:14.173Z",
        "dateUpdated": "2026-05-12T08:10:53.382Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-23910 (GCVE-0-2024-23910)

    Vulnerability from nvd – Published: 2024-02-28 23:07 – Updated: 2025-04-22 15:54
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B are also included in e-Mesh Starter Kit "WMC-2LX-B".
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-site request forgery (CSRF)
    Assigner
    Impacted products
    Vendor Product Version
    ELECOM CO.,LTD. WRC-1167GS2-B Affected: v1.67 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GS2H-B Affected: v1.67 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GST2 Affected: v1.32 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GS2-B Affected: v1.62 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GS2-W Affected: v1.62 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GS2V-B Affected: v1.62 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GST2 Affected: v1.30 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X3200GST3-B Affected: v1.25 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-G01-W Affected: v1.24 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-X1800GST-B Affected: v1.41 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WSC-X1800GS-B Affected: v1.41 and earlier
    Create a notification for this product.
    elecom wrc-1167gs2-b Affected: 0 , < v1.67 (custom)
        cpe:2.3:h:elecom:wrc-1167gs2-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-1167gs2h-b Affected: 0 , < v1.67 (custom)
        cpe:2.3:h:elecom:wrc-1167gs2h-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-2533gs2-b Affected: 0 , < v1.62 (custom)
        cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-2533gs2-w Affected: 0 , < v1.62 (custom)
        cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-2533gs2v-b Affected: 0 , < v1.62 (custom)
        cpe:2.3:h:elecom:wrc-2533gs2v-b:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-x3200gst3-b_firmware Affected: elecom , < v1.25 (custom)
        cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-g01-w_firmware Affected: 0 , < v1.24 (custom)
        cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wmc-x1800gst-b Affected: 0 , < v1.41 (custom)
        cpe:2.3:a:elecom:wmc-x1800gst-b:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wsc-x1800gs-b Affected: 0 , < v1.41 (custom)
        cpe:2.3:a:elecom:wsc-x1800gs-b:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-1167gs2-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-1167gs2-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.67",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-1167gs2h-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-1167gs2h-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.67",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-2533gs2-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.62",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-2533gs2-w",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.62",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-2533gs2v-b:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-2533gs2v-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.62",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x3200gst3-b_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.25",
                    "status": "affected",
                    "version": "elecom",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-g01-w_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.24",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:elecom:wmc-x1800gst-b:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wmc-x1800gst-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.41",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:elecom:wsc-x1800gs-b:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsc-x1800gs-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.41",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23910",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-05T20:40:19.820700Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T15:54:59.591Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:08.529Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20240220-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN44166658/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-1167GS2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.67 and earlier"
                }
              ]
            },
            {
              "product": "WRC-1167GS2H-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.67 and earlier"
                }
              ]
            },
            {
              "product": "WRC-1167GST2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.32 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GS2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.62 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GS2-W",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.62 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GS2V-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.62 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GST2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.30 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X3200GST3-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.25 and earlier"
                }
              ]
            },
            {
              "product": "WRC-G01-W",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.24 and earlier"
                }
              ]
            },
            {
              "product": "WMC-X1800GST-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.41 and earlier"
                }
              ]
            },
            {
              "product": "WSC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.41 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B are also included in e-Mesh Starter Kit \"WMC-2LX-B\"."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "Cross-site request forgery (CSRF)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-26T08:07:41.689Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20240220-01/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN44166658/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-23910",
        "datePublished": "2024-02-28T23:07:02.324Z",
        "dateReserved": "2024-02-15T01:25:06.163Z",
        "dateUpdated": "2025-04-22T15:54:59.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39454 (GCVE-0-2023-39454)

    Vulnerability from nvd – Published: 2023-08-18 09:41 – Updated: 2026-05-12 08:10
    VLAI
    Summary
    Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    ELECOM CO.,LTD. WRC-X1800GS-B Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X1800GSA-B Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X1800GSH-B Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X6000QS-G Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X6000QSA-G Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X3000GS3-B Affected: v1.05 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X3000GS3A-B Affected: v1.05 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-2LX-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-X1800GST-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WSC-X1800GS-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-2LX2-B Affected: v1.16
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-X1800GST2-B Affected: v1.16
    Create a notification for this product.
    ELECOM CO.,LTD. WSC-X1800GS2-B Affected: v1.16
    Create a notification for this product.
    elecom wrc-x1800gs-b Affected: 0 , < 1.13 (custom)
        cpe:2.3:h:elecom:wrc-x1800gs-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-x1800gsa-b Affected: 0 , < 1.13 (custom)
        cpe:2.3:h:elecom:wrc-x1800gsa-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-x1800gsh-b Affected: 0 , < 1.13 (custom)
        cpe:2.3:h:elecom:wrc-x1800gsh-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.682Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20230711-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU91630351/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-x1800gs-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x1800gs-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "1.13",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-x1800gsa-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x1800gsa-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "1.13",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-x1800gsh-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x1800gsh-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "1.13",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39454",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-03T14:02:33.925181Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-03T14:02:46.054Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X1800GSA-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X1800GSH-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X6000QS-G",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X6000QSA-G",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X3000GS3-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.05 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X3000GS3A-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.05 and earlier"
                }
              ]
            },
            {
              "product": "WMC-2LX-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WMC-X1800GST-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WSC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WMC-2LX2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.16"
                }
              ]
            },
            {
              "product": "WMC-X1800GST2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.16"
                }
              ]
            },
            {
              "product": "WSC-X1800GS2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.16"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-12T08:10:42.091Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20230711-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU91630351/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-39454",
        "datePublished": "2023-08-18T09:41:14.665Z",
        "dateReserved": "2023-08-09T11:55:02.234Z",
        "dateUpdated": "2026-05-12T08:10:42.091Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-29225 (GCVE-0-2024-29225)

    Vulnerability from cvelistv5 – Published: 2024-04-04 00:04 – Updated: 2026-05-12 08:11
    VLAI
    Summary
    ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-29225",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-04T15:43:13.301844Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-552",
                    "description": "CWE-552 Files or Directories Accessible to External Parties",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-27T20:51:09.291Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:10:54.663Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20240326-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU95381465/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-X3200GST3-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.25 and earlier"
                }
              ]
            },
            {
              "product": "WRC-G01-W",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.24 and earlier"
                }
              ]
            },
            {
              "product": "WMC-2LX-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WMC-X1800GST-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WSC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en-US",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-12T08:11:07.494Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20240326-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU95381465/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-29225",
        "datePublished": "2024-04-04T00:04:52.089Z",
        "dateReserved": "2024-03-19T02:32:15.110Z",
        "dateUpdated": "2026-05-12T08:11:07.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-26258 (GCVE-0-2024-26258)

    Vulnerability from cvelistv5 – Published: 2024-04-04 00:03 – Updated: 2026-05-12 08:10
    VLAI
    Summary
    OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with credentials to execute arbitrary OS commands by sending a specially crafted request to the product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • OS command injection
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    ELECOM CO.,LTD. WRC-X3200GST3-B Affected: v1.25 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-G01-W Affected: v1.24 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GST2 Affected: v1.32 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GST2 Affected: v1.30 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-2LX-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-X1800GST-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WSC-X1800GS-B Affected: v1.42 and earlier
    Create a notification for this product.
    elecom wrc-x3200gst3-b_firmware Affected: 0 , ≤ 1.25 (custom)
        cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-g01-w_firmware Affected: 0 , ≤ 1.24 (custom)
        cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x3200gst3-b_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThanOrEqual": "1.25",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-g01-w_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThanOrEqual": "1.24",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-26258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-04T13:12:52.810342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-20T15:22:40.714Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T00:07:19.139Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20240326-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU95381465/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-X3200GST3-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.25 and earlier"
                }
              ]
            },
            {
              "product": "WRC-G01-W",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.24 and earlier"
                }
              ]
            },
            {
              "product": "WRC-1167GST2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.32 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GST2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.30 and earlier"
                }
              ]
            },
            {
              "product": "WMC-2LX-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WMC-X1800GST-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WSC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with credentials to execute arbitrary OS commands by sending a specially crafted request to the product."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en-US",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-12T08:10:53.382Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20240326-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU95381465/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-26258",
        "datePublished": "2024-04-04T00:03:41.930Z",
        "dateReserved": "2024-03-19T02:32:14.173Z",
        "dateUpdated": "2026-05-12T08:10:53.382Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-23910 (GCVE-0-2024-23910)

    Vulnerability from cvelistv5 – Published: 2024-02-28 23:07 – Updated: 2025-04-22 15:54
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B are also included in e-Mesh Starter Kit "WMC-2LX-B".
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-site request forgery (CSRF)
    Assigner
    Impacted products
    Vendor Product Version
    ELECOM CO.,LTD. WRC-1167GS2-B Affected: v1.67 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GS2H-B Affected: v1.67 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GST2 Affected: v1.32 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GS2-B Affected: v1.62 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GS2-W Affected: v1.62 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GS2V-B Affected: v1.62 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GST2 Affected: v1.30 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X3200GST3-B Affected: v1.25 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-G01-W Affected: v1.24 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-X1800GST-B Affected: v1.41 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WSC-X1800GS-B Affected: v1.41 and earlier
    Create a notification for this product.
    elecom wrc-1167gs2-b Affected: 0 , < v1.67 (custom)
        cpe:2.3:h:elecom:wrc-1167gs2-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-1167gs2h-b Affected: 0 , < v1.67 (custom)
        cpe:2.3:h:elecom:wrc-1167gs2h-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-2533gs2-b Affected: 0 , < v1.62 (custom)
        cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-2533gs2-w Affected: 0 , < v1.62 (custom)
        cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-2533gs2v-b Affected: 0 , < v1.62 (custom)
        cpe:2.3:h:elecom:wrc-2533gs2v-b:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-x3200gst3-b_firmware Affected: elecom , < v1.25 (custom)
        cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-g01-w_firmware Affected: 0 , < v1.24 (custom)
        cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wmc-x1800gst-b Affected: 0 , < v1.41 (custom)
        cpe:2.3:a:elecom:wmc-x1800gst-b:*:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wsc-x1800gs-b Affected: 0 , < v1.41 (custom)
        cpe:2.3:a:elecom:wsc-x1800gs-b:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-1167gs2-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-1167gs2-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.67",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-1167gs2h-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-1167gs2h-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.67",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-2533gs2-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.62",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-2533gs2-w",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.62",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-2533gs2v-b:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-2533gs2v-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.62",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x3200gst3-b_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.25",
                    "status": "affected",
                    "version": "elecom",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-g01-w_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.24",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:elecom:wmc-x1800gst-b:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wmc-x1800gst-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.41",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:elecom:wsc-x1800gs-b:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wsc-x1800gs-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "v1.41",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23910",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-05T20:40:19.820700Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T15:54:59.591Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:08.529Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20240220-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN44166658/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-1167GS2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.67 and earlier"
                }
              ]
            },
            {
              "product": "WRC-1167GS2H-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.67 and earlier"
                }
              ]
            },
            {
              "product": "WRC-1167GST2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.32 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GS2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.62 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GS2-W",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.62 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GS2V-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.62 and earlier"
                }
              ]
            },
            {
              "product": "WRC-2533GST2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.30 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X3200GST3-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.25 and earlier"
                }
              ]
            },
            {
              "product": "WRC-G01-W",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.24 and earlier"
                }
              ]
            },
            {
              "product": "WMC-X1800GST-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.41 and earlier"
                }
              ]
            },
            {
              "product": "WSC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.41 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B are also included in e-Mesh Starter Kit \"WMC-2LX-B\"."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "Cross-site request forgery (CSRF)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-26T08:07:41.689Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20240220-01/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN44166658/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-23910",
        "datePublished": "2024-02-28T23:07:02.324Z",
        "dateReserved": "2024-02-15T01:25:06.163Z",
        "dateUpdated": "2025-04-22T15:54:59.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39454 (GCVE-0-2023-39454)

    Vulnerability from cvelistv5 – Published: 2023-08-18 09:41 – Updated: 2026-05-12 08:10
    VLAI
    Summary
    Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    ELECOM CO.,LTD. WRC-X1800GS-B Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X1800GSA-B Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X1800GSH-B Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X6000QS-G Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X6000QSA-G Affected: v1.13 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X3000GS3-B Affected: v1.05 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-X3000GS3A-B Affected: v1.05 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-2LX-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-X1800GST-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WSC-X1800GS-B Affected: v1.42 and earlier
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-2LX2-B Affected: v1.16
    Create a notification for this product.
    ELECOM CO.,LTD. WMC-X1800GST2-B Affected: v1.16
    Create a notification for this product.
    ELECOM CO.,LTD. WSC-X1800GS2-B Affected: v1.16
    Create a notification for this product.
    elecom wrc-x1800gs-b Affected: 0 , < 1.13 (custom)
        cpe:2.3:h:elecom:wrc-x1800gs-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-x1800gsa-b Affected: 0 , < 1.13 (custom)
        cpe:2.3:h:elecom:wrc-x1800gsa-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    elecom wrc-x1800gsh-b Affected: 0 , < 1.13 (custom)
        cpe:2.3:h:elecom:wrc-x1800gsh-b:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.682Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20230711-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU91630351/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-x1800gs-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x1800gs-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "1.13",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-x1800gsa-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x1800gsa-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "1.13",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:elecom:wrc-x1800gsh-b:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wrc-x1800gsh-b",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "1.13",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39454",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-03T14:02:33.925181Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-03T14:02:46.054Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X1800GSA-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X1800GSH-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X6000QS-G",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X6000QSA-G",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.13 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X3000GS3-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.05 and earlier"
                }
              ]
            },
            {
              "product": "WRC-X3000GS3A-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.05 and earlier"
                }
              ]
            },
            {
              "product": "WMC-2LX-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WMC-X1800GST-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WSC-X1800GS-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.42 and earlier"
                }
              ]
            },
            {
              "product": "WMC-2LX2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.16"
                }
              ]
            },
            {
              "product": "WMC-X1800GST2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.16"
                }
              ]
            },
            {
              "product": "WSC-X1800GS2-B",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v1.16"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-12T08:10:42.091Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20230711-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU91630351/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-39454",
        "datePublished": "2023-08-18T09:41:14.665Z",
        "dateReserved": "2023-08-09T11:55:02.234Z",
        "dateUpdated": "2026-05-12T08:10:42.091Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    JVNDB-2024-003025

    Vulnerability from jvndb - Published: 2024-03-27 14:26 - Updated:2026-05-15 15:32
    Severity
    Summary
    Multiple vulnerabilities in ELECOM wireless LAN routers
    Details
    Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. * OS Command Injection (CWE-78) - CVE-2024-25568 * OS Command Injection (CWE-78) - CVE-2024-26258 * Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) - CVE-2024-29225 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003025.html",
      "dc:date": "2026-05-15T15:32+09:00",
      "dcterms:issued": "2024-03-27T14:26+09:00",
      "dcterms:modified": "2026-05-15T15:32+09:00",
      "description": "Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below.\r\n\r\n  * OS Command Injection (CWE-78) - CVE-2024-25568\r\n  * OS Command Injection (CWE-78) - CVE-2024-26258\r\n  * Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) - CVE-2024-29225\r\n\r\nChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003025.html",
      "sec:cpe": [
        {
          "#text": "cpe:/o:elecom:wmc-2lx-b",
          "@product": "WMC-2LX-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wmc-x1800gst-b",
          "@product": "WMC-X1800GST-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1167gst2",
          "@product": "WRC-1167GST2",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-2533gst2",
          "@product": "WRC-2533GST2",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-g01-w",
          "@product": "WRC-G01-W",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-x3200gst3-b",
          "@product": "WRC-X3200GST3-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wsc-x1800gs-b",
          "@product": "WSC-X1800GS-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "5.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "8.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2024-003025",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU95381465/index.html",
          "@id": "JVNVU#95381465",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-25568",
          "@id": "CVE-2024-25568",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-26258",
          "@id": "CVE-2024-26258",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-29225",
          "@id": "CVE-2024-29225",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-200",
          "@title": "Information Exposure(CWE-200)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-78",
          "@title": "OS Command Injection(CWE-78)"
        }
      ],
      "title": "Multiple vulnerabilities in ELECOM wireless LAN routers"
    }

    JVNDB-2024-000020

    Vulnerability from jvndb - Published: 2024-02-20 14:14 - Updated:2024-11-26 15:26
    Severity
    Summary
    Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater
    Details
    Multiple wireless LAN routers and wireless LAN repeater provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below.
    • Cross-site Scripting (CWE-79) - CVE-2024-21798
    • Cross-Site Request Forgery (CWE-352) - CVE-2024-23910
    CVE-2024-21798 Yamaguchi Kakeru of Fujitsu Limited reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-23910 Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000020.html",
      "dc:date": "2024-11-26T15:26+09:00",
      "dcterms:issued": "2024-02-20T14:14+09:00",
      "dcterms:modified": "2024-11-26T15:26+09:00",
      "description": "Multiple wireless LAN routers and wireless LAN repeater provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below.\r\n\r\n\u003cul\u003e\u003cli\u003eCross-site Scripting (CWE-79) - CVE-2024-21798\u003c/li\u003e\r\n\u003cli\u003eCross-Site Request Forgery (CWE-352) - CVE-2024-23910\u003c/li\u003e\u003c/ul\u003e\r\n\r\nCVE-2024-21798\r\nYamaguchi Kakeru of Fujitsu Limited reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.\r\n\r\nCVE-2024-23910\r\nSatoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000020.html",
      "sec:cpe": [
        {
          "#text": "cpe:/o:elecom:wmc-x1800gst-b",
          "@product": "WMC-X1800GST-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1167gs2-b_firmware",
          "@product": "WRC-1167GS2-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1167gs2h-b_firmware",
          "@product": "WRC-1167GS2H-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1167gst2_firmware",
          "@product": "WRC-1167GST2 firmware",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-2533gs2-b_firmware",
          "@product": "WRC-2533GS2-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-2533gs2-w_firmware",
          "@product": "WRC-2533GS2-W",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-2533gs2v-b_firmware",
          "@product": "WRC-2533GS2V-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-2533gst2_firmware",
          "@product": "WRC-2533GST2 firmware",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-g01-w",
          "@product": "WRC-G01-W",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-x3200gst3-b",
          "@product": "WRC-X3200GST3-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wsc-x1800gs-b",
          "@product": "WSC-X1800GS-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "3.5",
          "@severity": "Low",
          "@type": "Base",
          "@vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "4.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2024-000020",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN44166658/index.html",
          "@id": "JVN#44166658",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-21798",
          "@id": "CVE-2024-21798",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-23910",
          "@id": "CVE-2024-23910",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-352",
          "@title": "Cross-Site Request Forgery(CWE-352)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater"
    }

    JVNDB-2023-002797

    Vulnerability from jvndb - Published: 2023-08-15 11:54 - Updated:2026-05-15 19:42
    Severity
    Summary
    Multiple vulnerabilities in ELECOM and LOGITEC network devices
    Details
    Multiple network devices provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below. * Hidden Functionality (CWE-912) - CVE-2023-32626, CVE-2023-35991, CVE-2023-39445 * Telnet service access restriction failure (CWE-284) - CVE-2023-38132 * Hidden Functionality (CWE-912) - CVE-2023-38576 * Buffer overflow (CWE-120) - CVE-2023-39454 * OS Command Injection (CWE-78) - CVE-2023-39455, CVE-2023-40072 * OS Command Injection (CWE-78) - CVE-2023-39944, CVE-2023-40069 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002797.html",
      "dc:date": "2026-05-15T19:42+09:00",
      "dcterms:issued": "2023-08-15T11:54+09:00",
      "dcterms:modified": "2026-05-15T19:42+09:00",
      "description": "Multiple network devices provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below.\r\n\r\n  * Hidden Functionality (CWE-912) - CVE-2023-32626, CVE-2023-35991, CVE-2023-39445\r\n  * Telnet service access restriction failure (CWE-284) - CVE-2023-38132\r\n  * Hidden Functionality (CWE-912) - CVE-2023-38576\r\n  * Buffer overflow (CWE-120) - CVE-2023-39454\r\n  * OS Command Injection (CWE-78) - CVE-2023-39455, CVE-2023-40072\r\n  * OS Command Injection (CWE-78) - CVE-2023-39944, CVE-2023-40069\r\n\r\nChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
      "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002797.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:elecom:wab-i1750-ps",
          "@product": "WAB-I1750-PS",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:elecom:wab-s1167-ps",
          "@product": "WAB-S1167-PS",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wab-m1775-ps",
          "@product": "WAB-M1775-PS",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wab-m2133",
          "@product": "WAB-M2133",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wab-s1167",
          "@product": "WAB-S1167",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wab-s1775",
          "@product": "WAB-S1775",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wab-s300_firmware",
          "@product": "WAB-S300",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wab-s600-ps_firmware",
          "@product": "WAB-S600-PS",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wmc-2lx-b",
          "@product": "WMC-2LX-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wmc-2lx2-b",
          "@product": "WMC-2LX2-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wmc-x1800gst-b",
          "@product": "WMC-X1800GST-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wmc-x1800gst2-b",
          "@product": "WMC-X1800GST2-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1167ghbk2",
          "@product": "WRC-1167GHBK2",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1467ghbk-a_firmware",
          "@product": "WRC-1467GHBK-A",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1467ghbk-s_firmware",
          "@product": "WRC-1467GHBK-S",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1750ghbk",
          "@product": "WRC-1750GHBK",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1750ghbk-e",
          "@product": "WRC-1750GHBK-E",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1750ghbk2-i",
          "@product": "WRC-1750GHBK2-I",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1900ghbk-a_firmware",
          "@product": "WRC-1900GHBK-A",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-1900ghbk-s_firmware",
          "@product": "WRC-1900GHBK-S",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-600ghbk-a_firmware",
          "@product": "WRC-600GHBK-A",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-733febk2-a_firmware",
          "@product": "WRC-733FEBK2-A",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-f1167acf",
          "@product": "WRC-F1167ACF",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-f1167acf2_firmware",
          "@product": "WRC-F1167ACF2",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-x1800gs-b_firmware",
          "@product": "WRC-X1800GS-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-x1800gsa-b_firmware",
          "@product": "WRC-X1800GSA-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-x1800gsh-b_firmware",
          "@product": "WRC-X1800GSH-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-x3000gs3-b",
          "@product": "WRC-X3000GS3-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-x3000gs3a-b",
          "@product": "WRC-X3000GS3A-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-x6000qs-g",
          "@product": "WRC-X6000QS-G",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wrc-x6000qsa-g",
          "@product": "WRC-X6000QSA-G",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wsc-x1800gs-b",
          "@product": "WSC-X1800GS-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:elecom:wsc-x1800gs2-b",
          "@product": "WSC-X1800GS2-B",
          "@vendor": "ELECOM CO.,LTD.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:logitec:lan-w300n%2fdr_firmware",
          "@product": "LAN-W300N/DR",
          "@vendor": "Logitec Corp.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:logitec:lan-w300n%2fpr5_firmware",
          "@product": "LAN-W300N/PR5",
          "@vendor": "Logitec Corp.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:logitec:lan-w451ngr_firmware",
          "@product": "LAN-W451NGR",
          "@vendor": "Logitec Corp.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:logitec:lan-wh300an%2fdgp_firmware",
          "@product": "LAN-WH300AN/DGP",
          "@vendor": "Logitec Corp.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:logitec:lan-wh300andgpe_firmware",
          "@product": "LAN-WH300ANDGPE",
          "@vendor": "Logitec Corp.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:logitec:lan-wh300n%2fdr_firmware",
          "@product": "LAN-WH300N/DR",
          "@vendor": "Logitec Corp.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:logitec:lan-wh300n%2fre_firmware",
          "@product": "LAN-WH300N/RE",
          "@vendor": "Logitec Corp.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:logitec:lan-wh450n%2fgp_firmware",
          "@product": "LAN-WH450N/GP",
          "@vendor": "Logitec Corp.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "5.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "8.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2023-002797",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/vu/JVNVU91630351/index.html",
          "@id": "JVNVU#91630351",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32626",
          "@id": "CVE-2023-32626",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-35991",
          "@id": "CVE-2023-35991",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-38132",
          "@id": "CVE-2023-38132",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-38576",
          "@id": "CVE-2023-38576",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39445",
          "@id": "CVE-2023-39445",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39454",
          "@id": "CVE-2023-39454",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39455",
          "@id": "CVE-2023-39455",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39944",
          "@id": "CVE-2023-39944",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-40069",
          "@id": "CVE-2023-40069",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-40072",
          "@id": "CVE-2023-40072",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32626",
          "@id": "CVE-2023-32626",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-35991",
          "@id": "CVE-2023-35991",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38132",
          "@id": "CVE-2023-38132",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38576",
          "@id": "CVE-2023-38576",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39445",
          "@id": "CVE-2023-39445",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39454",
          "@id": "CVE-2023-39454",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39455",
          "@id": "CVE-2023-39455",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39944",
          "@id": "CVE-2023-39944",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40069",
          "@id": "CVE-2023-40069",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40072",
          "@id": "CVE-2023-40072",
          "@source": "NVD"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/120.html",
          "@id": "CWE-120",
          "@title": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)(CWE-120)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/284.html",
          "@id": "CWE-284",
          "@title": "Improper Access Control(CWE-284)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-78",
          "@title": "OS Command Injection(CWE-78)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/912.html",
          "@id": "CWE-912",
          "@title": "Hidden Functionality(CWE-912)"
        }
      ],
      "title": "Multiple vulnerabilities in ELECOM and LOGITEC network devices"
    }