CVE-2023-39455
published 2023-08-18CVE-2023-39455: OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially…
PriorityP264high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.26%
66.1th percentile
OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-F1167ACF2 all versions, WRC-1467GHBK-S all versions, and WRC-1900GHBK-S all versions.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elecom_co_ltd | wrc-1467ghbk-a | — | — |
| elecom_co_ltd | wrc-1467ghbk-s | — | — |
| elecom_co_ltd | wrc-1900ghbk-a | — | — |
| elecom_co_ltd | wrc-1900ghbk-s | — | — |
| elecom_co_ltd | wrc-600ghbk-a | — | — |
| elecom_co_ltd | wrc-733febk2-a | — | — |
| elecom_co_ltd | wrc-f1167acf2 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-08-18
Published