← voltar
CVE-2024-23910

CVE-2024-23910

CVSS 4.3 MEDIUMEPSS 0.2%CWE-352
Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B are also included in e-Mesh Starter Kit "WMC-2LX-B".
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Produtos afetados
ELECOM CO.,LTD. · WMC-X1800GST-BELECOM CO.,LTD. · WRC-1167GS2-BELECOM CO.,LTD. · WRC-1167GS2H-BELECOM CO.,LTD. · WRC-1167GST2ELECOM CO.,LTD. · WRC-2533GS2-BELECOM CO.,LTD. · WRC-2533GS2V-BELECOM CO.,LTD. · WRC-2533GS2-WELECOM CO.,LTD. · WRC-2533GST2ELECOM CO.,LTD. · WRC-G01-WELECOM CO.,LTD. · WRC-X3200GST3-BELECOM CO.,LTD. · WSC-X1800GS-B

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://jvn.jp/en/jp/JVN44166658/https://www.elecom.co.jp/news/security/20240220-01/