CVE-2024-22372 Information

Description

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Affected products and versions are as follows: WRC-X1800GS-B v1.17 and earlier WRC-X1800GSA-B v1.17 and earlier WRC-X1800GSH-B v1.17 and earlier WRC-X6000XS-G v1.09 and WRC-X6000XST-G v1.12 and earlier.

Reference

https://www.elecom.co.jp/news/security/20240123-01/ https://jvn.jp/en/vu/JVNVU90908488/