VYPR

wireless LAN routers

by ELECOM CO.,LTD.

CVEs (6)

  • CVE-2024-26258HigApr 4, 2024
    risk 0.46cvss 7.1epss 0.01

    OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with credentials to execute arbitrary OS commands by sending a specially crafted request to the product.

  • CVE-2024-39607MedAug 1, 2024
    risk 0.44cvss 6.8epss 0.01

    OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the affected product by a logged-in user with an administrative privilege to execute an arbitrary OS command.

  • CVE-2024-6044MedJun 17, 2024
    risk 0.42cvss 6.5epss 0.00

    Certain models of D-Link wireless routers have a path traversal vulnerability. Unauthenticated attackers on the same local area network can read arbitrary system files by manipulating the URL.

  • CVE-2024-29225MedApr 4, 2024
    risk 0.28cvss 4.3epss 0.00

    ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request.

  • CVE-2024-23486Apr 15, 2024
    risk 0.00cvss epss 0.01

    Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials.

  • CVE-2023-39454Aug 18, 2023
    risk 0.00cvss epss 0.01

    Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code.