CVE-2024-23910 Information

Description

Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Affected products and versions are as follows: WRC-1167GS2-B v1.67 and earlier WRC-1167GS2H-B v1.67 and earlier WRC-2533GS2-B v1.62 and earlier WRC-2533GS2-W v1.62 and earlier and WRC-2533GS2V-B v1.62 and earlier.

Reference

https://www.elecom.co.jp/news/security/20240220-01/ https://jvn.jp/en/jp/JVN44166658/