CVE-2023-49695 Information

Description

OS command injection vulnerability in WRC-X3000GSN v1.0.2 WRC-X3000GS v1.0.24 and earlier and WRC-X3000GSA v1.0.24 and earlier allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command by sending a specially crafted request to the product.

Reference

https://www.elecom.co.jp/news/security/20231212-01/ https://jvn.jp/en/vu/JVNVU97499577/