CVE-2026-42950

Summary

ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken.

Affected Software

VendorProductVersion RangeStatus
ELECOM CO.,LTD.WAB-BE187-Mv1.1.10 and earlieraffected
ELECOM CO.,LTD.WAB-BE72-Mv1.1.3 and earlieraffected
ELECOM CO.,LTD.WAB-BE36-Mv1.1.3 and earlieraffected
ELECOM CO.,LTD.WAB-BE36-Sv1.1.3 and earlieraffected

Weaknesses

  • CWE-754: Improper check for unusual or exceptional conditions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References