CVE-2024-23910
4.3
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B are also included in e-Mesh Starter Kit "WMC-2LX-B".
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ELECOM CO.,LTD. | WRC-1167GS2-B | v1.67 and earlier | affected |
| ELECOM CO.,LTD. | WRC-1167GS2H-B | v1.67 and earlier | affected |
| ELECOM CO.,LTD. | WRC-1167GST2 | v1.32 and earlier | affected |
| ELECOM CO.,LTD. | WRC-2533GS2-B | v1.62 and earlier | affected |
| ELECOM CO.,LTD. | WRC-2533GS2-W | v1.62 and earlier | affected |
| ELECOM CO.,LTD. | WRC-2533GS2V-B | v1.62 and earlier | affected |
| ELECOM CO.,LTD. | WRC-2533GST2 | v1.30 and earlier | affected |
| ELECOM CO.,LTD. | WRC-X3200GST3-B | v1.25 and earlier | affected |
| ELECOM CO.,LTD. | WRC-G01-W | v1.24 and earlier | affected |
| ELECOM CO.,LTD. | WMC-X1800GST-B | v1.41 and earlier | affected |
| ELECOM CO.,LTD. | WSC-X1800GS-B | v1.41 and earlier | affected |
Weaknesses
- CWE-352: Cross-site request forgery (CSRF)
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.