Multiple wireless LAN routers and wireless LAN repeater provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below.
Cross-site Scripting (CWE-79) - CVE-2024-21798
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | Base Score: 4.8 |
CVSS v2 | AV:N/AC:M/Au:S/C:N/I:P/A:N | Base Score: 3.5 |
Cross-Site Request Forgery (CWE-352) - CVE-2024-23910
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | Base Score: 4.3 |
CVSS v2 | AV:N/AC:H/Au:N/C:N/I:P/A:N | Base Score: 2.6 |
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
CVE-2024-21798
WRC-1167GS2-B v1.67 and earlier
WRC-1167GS2H-B v1.67 and earlier
WRC-2533GS2-B v1.62 and earlier
WRC-2533GS2-W v1.62 and earlier
WRC-2533GS2V-B v1.62 and earlier
WRC-X3200GST3-B v1.25 and earlier
WRC-G01-W v1.24 and earlier
WMC-X1800GST-B v1.41 and earlier
CVE-2024-23910
WRC-1167GS2-B v1.67 and earlier
WRC-1167GS2H-B v1.67 and earlier
WRC-2533GS2-B v1.62 and earlier
WRC-2533GS2-W v1.62 and earlier
WRC-2533GS2V-B v1.62 and earlier
WRC-X3200GST3-B v1.25 and earlier
WRC-G01-W v1.24 and earlier
WMC-X1800GST-B v1.41 and earlier
WSC-X1800GS-B v1.41 and earlier
WMC-X1800GST-B and WSC-X1800GS-B are also included in e-Mesh Starter Kit “WMC-2LX-B” provided by ELECOM CO.,LTD.