CVE-2024-21798 Information

Description

ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious administrative user configures the affected product with specially crafted content. When another administrative user logs in and operates the product an arbitrary script may be executed on the web browser. Affected products and versions are as follows: WRC-1167GS2-B v1.67 and earlier WRC-1167GS2H-B v1.67 and earlier WRC-2533GS2-B v1.62 and earlier WRC-2533GS2-W v1.62 and earlier and WRC-2533GS2V-B v1.62 and earlier.

Reference

https://www.elecom.co.jp/news/security/20240220-01/ https://jvn.jp/en/jp/JVN44166658/