CVE-2024-36103

CVSS 6.8 MEDIUMEPSS 0.7%CWE-78

OS command injection vulnerability in WRC-X5400GS-B v1.0.10 and earlier, and WRC-X5400GSA-B v1.0.10 and earlier allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product.

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

ELECOM CO.,LTD. · WRC-X5400GSA-B ELECOM CO.,LTD. · WRC-X5400GS-B

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://jvn.jp/en/vu/JVNVU97214223/https://www.elecom.co.jp/news/security/20240528-01/