High severity8.8NVD Advisory· Published Aug 18, 2023· Updated Jun 17, 2026
CVE-2023-40072
CVE-2023-40072
Description
OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- ELECOM CO.,LTD./WAB-I1750-PSv5Range: v1.5.10 and earlier
- ELECOM CO.,LTD./WAB-M1775-PSv5Range: v1.1.21 and earlier
- ELECOM CO.,LTD./WAB-M2133v5Range: v1.3.22 and earlier
- ELECOM CO.,LTD./WAB-S1167v5Range: v1.0.7 and earlier
- ELECOM CO.,LTD./WAB-S1167-PSv5Range: v1.5.6 and earlier
- ELECOM CO.,LTD./WAB-S1775v5Range: v1.1.9 and earlier
- ELECOM CO.,LTD./WAB-S300v5Range: all versions
- ELECOM CO.,LTD./WAB-S600-PSv5Range: all versions
Patches
Vulnerability mechanics
References
3- jvn.jp/en/vu/JVNVU91630351/nvdThird Party Advisory
- www.elecom.co.jp/news/security/20230810-01/nvdVendor Advisory
- www.elecom.co.jp/news/security/20231114-01/nvd
News mentions
0No linked articles in our index yet.