CVE-2024-22372
24.01.2024, 05:15
OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product.
| Vendor | Product | Version |
|---|---|---|
| elecom | wrc-x1800gs-b_firmware | 𝑥 < 1.18 |
| elecom | wrc-x1800gsh-b_firmware | 𝑥 < 1.18 |
| elecom | wrc-x1800gsa-b_firmware | 𝑥 < 1.18 |
| elecom | wrc-x6000xs-g_firmware | 1.09 |
| elecom | wrc-x6000xst-g_firmware | 𝑥 < 1.14 |
𝑥
= Vulnerable software versions