CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-40072

OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.027

EPSS Ranking 85.8%

CVSS Severity

CVSS v3 Score 8.8

References

https://jvn.jp/en/vu/JVNVU91630351/
https://www.elecom.co.jp/news/security/20230810-01/
https://www.elecom.co.jp/news/security/20231114-01/
https://jvn.jp/en/vu/JVNVU91630351/
https://www.elecom.co.jp/news/security/20230810-01/
https://www.elecom.co.jp/news/security/20231114-01/

Products affected by CVE-2023-40072

Elecom » Wab-S300 » Version: N/A

cpe:2.3:h:elecom:wab-s300:-
Elecom » Wab-S600-Ps » Version: N/A

cpe:2.3:h:elecom:wab-s600-ps:-
Elecom » Wab-S300 Firmware » Version: N/A

cpe:2.3:o:elecom:wab-s300_firmware:-
Elecom » Wab-S600-Ps Firmware » Version: N/A

cpe:2.3:o:elecom:wab-s600-ps_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-40072

Products

Pricing

Contact Us