CVE-2024-25579 Information

Description

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Affected products and versions are as follows: WRC-1167GS2-B v1.67 and earlier WRC-1167GS2H-B v1.67 and earlier WRC-2533GS2-B v1.62 and earlier WRC-2533GS2-W v1.62 and earlier and WRC-2533GS2V-B v1.62 and earlier.

Reference

https://www.elecom.co.jp/news/security/20240220-01/ https://jvn.jp/en/vu/JVNVU99444194/