cbcvebase.
CVE-2023-40072
published 2023-08-18

CVE-2023-40072: OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a…

PriorityP265high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.57%
72.2th percentile
OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

Affected

8 ranges
VendorProductVersion rangeFixed in
elecom_co_ltdwab-i1750-ps
elecom_co_ltdwab-m1775-ps
elecom_co_ltdwab-m2133
elecom_co_ltdwab-s1167
elecom_co_ltdwab-s1167-ps
elecom_co_ltdwab-s1775
elecom_co_ltdwab-s300
elecom_co_ltdwab-s600-ps
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.