Vulnerability Details CVE-2024-22372
OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.3%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2024-22372
-
cpe:2.3:h:elecom:wrc-x1800gs-b:-
-
cpe:2.3:h:elecom:wrc-x1800gsa-b:-
-
cpe:2.3:h:elecom:wrc-x1800gsh-b:-
-
cpe:2.3:h:elecom:wrc-x6000xs-g:-
-
cpe:2.3:h:elecom:wrc-x6000xst-g:-
-
cpe:2.3:o:elecom:wrc-x1800gs-b_firmware:-
-
cpe:2.3:o:elecom:wrc-x1800gs-b_firmware:1.13
-
cpe:2.3:o:elecom:wrc-x1800gs-b_firmware:1.17
-
cpe:2.3:o:elecom:wrc-x1800gsa-b_firmware:-
-
cpe:2.3:o:elecom:wrc-x1800gsa-b_firmware:1.13
-
cpe:2.3:o:elecom:wrc-x1800gsa-b_firmware:1.17
-
cpe:2.3:o:elecom:wrc-x1800gsh-b_firmware:-
-
cpe:2.3:o:elecom:wrc-x1800gsh-b_firmware:1.13
-
cpe:2.3:o:elecom:wrc-x1800gsh-b_firmware:1.17
-
cpe:2.3:o:elecom:wrc-x6000xs-g_firmware:1.09
-
cpe:2.3:o:elecom:wrc-x6000xst-g_firmware:1.12