CVE-2024-36103

Summary

OS command injection vulnerability in WRC-X5400GS-B v1.0.10 and earlier, and WRC-X5400GSA-B v1.0.10 and earlier allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product.

Affected Software

VendorProductVersion RangeStatus
ELECOM CO.,LTD.WRC-X5400GS-Bv1.0.10 and earlieraffected
ELECOM CO.,LTD.WRC-X5400GSA-Bv1.0.10 and earlieraffected

Weaknesses

  • OS command injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References