Vendor
Elecom
Products
11
CVEs
4
Across products
15
Status
Private
Products
11- 3 CVEs
- 3 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-24465 | Cri | 0.64 | 9.8 | 0.00 | Feb 3, 2026 | Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution. | |
| CVE-2026-22550 | Hig | 0.57 | 8.8 | 0.00 | Feb 3, 2026 | OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution. | |
| CVE-2024-34577 | Med | 0.40 | 6.1 | 0.01 | Aug 30, 2024 | Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, WRC-X3000GS2A-B and WRC-X3000GST2-B due to improper processing of input values in easysetup.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser. | |
| CVE-2026-24449 | Med | 0.30 | 4.6 | 0.00 | Feb 3, 2026 | For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information. |