CVE-2024-22372
Published Jan 24, 2024
Last updated 3 months ago
Overview
- Description
- OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product.
- Source
- vultures@jpcert.or.jp
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.8
- Impact score
- 5.9
- Exploitability score
- 0.9
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- CWE-78
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:elecom:wrc-x1800gs-b_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "220801B5-B278-4E27-BD38-065589867B0E",
"versionEndExcluding": "1.18"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:elecom:wrc-x1800gs-b:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "95667B22-5F8C-4774-9E69-2F4B9AF595AC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:elecom:wrc-x1800gsh-b_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0044554-9055-4E59-AB4A-3891B30F619F",
"versionEndExcluding": "1.18"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:elecom:wrc-x1800gsh-b:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "20EA8B33-784F-44E8-B215-DC2554709100"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:elecom:wrc-x1800gsa-b_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69B61005-B1C7-465E-9F11-4B28E9007E77",
"versionEndExcluding": "1.18"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:elecom:wrc-x1800gsa-b:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3842FA46-4CA2-4ECE-8632-2C74E8D97CDB"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:elecom:wrc-x6000xs-g_firmware:1.09:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A07383D-5AFE-4114-9E9C-DDAC5874080E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:elecom:wrc-x6000xs-g:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D50F2091-30D4-4A3E-A28A-B9D67D70DB2C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:elecom:wrc-x6000xst-g_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51ABE063-E986-4392-AB2D-7CF83045CA13",
"versionEndExcluding": "1.14"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:elecom:wrc-x6000xst-g:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8E07D50B-4182-4947-BC6B-B4718F498548"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]