Lucene search
JpcertVULNRICHMENT:CVE-2024-23910HistoryFeb 28, 2024 - 11:07 p.m.
CVE-2024-23910
2024-02-2823:07:02
jpcert
github.com
2
cve-2024-23910
cross-site request forgery
csrf
elecom
wireless lan
routers
repeater
remote unauthenticated attacker
hijack authentication
administrators
unintended operations
wmc-x1800gst-b
wsc-x1800gs-b
e-mesh starter kit
wmc-2lx-b
Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B are also included in e-Mesh Starter Kit “WMC-2LX-B”.
ADP Affected
[
{
"cpes": [
"cpe:2.3:h:elecom:wrc-1167gs2-b:-:*:*:*:*:*:*:*"
],
"vendor": "elecom",
"product": "wrc-1167gs2-b",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "v1.67",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:h:elecom:wrc-1167gs2h-b:-:*:*:*:*:*:*:*"
],
"vendor": "elecom",
"product": "wrc-1167gs2h-b",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "v1.67",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*"
],
"vendor": "elecom",
"product": "wrc-2533gs2-b",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "v1.62",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*"
],
"vendor": "elecom",
"product": "wrc-2533gs2-w",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "v1.62",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:elecom:wrc-2533gs2v-b:*:*:*:*:*:*:*:*"
],
"vendor": "elecom",
"product": "wrc-2533gs2v-b",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "v1.62",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:elecom:wrc-x3200gst3-b_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "elecom",
"product": "wrc-x3200gst3-b_firmware",
"versions": [
{
"status": "affected",
"version": "elecom",
"lessThan": "v1.25",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:elecom:wrc-g01-w_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "elecom",
"product": "wrc-g01-w_firmware",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "v1.24",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:elecom:wmc-x1800gst-b:*:*:*:*:*:*:*:*"
],
"vendor": "elecom",
"product": "wmc-x1800gst-b",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "v1.41",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:elecom:wsc-x1800gs-b:*:*:*:*:*:*:*:*"
],
"vendor": "elecom",
"product": "wsc-x1800gs-b",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "v1.41",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
CVE-2024-23910
2024-02-28 23:07:02
cve
cve
CVE-2024-23910
2024-02-28 23:15:09
nvd
nvd
CVE-2024-23910
2024-02-28 23:15:09
prion
prion
Cross site request forgery (csrf)
2024-02-28 23:15:00
jvn
jvn
AI Score
7.5
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-23910