CVE-2023-40072
published 2023-08-18CVE-2023-40072: OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a…
PriorityP265high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.57%
72.2th percentile
OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elecom_co_ltd | wab-i1750-ps | — | — |
| elecom_co_ltd | wab-m1775-ps | — | — |
| elecom_co_ltd | wab-m2133 | — | — |
| elecom_co_ltd | wab-s1167 | — | — |
| elecom_co_ltd | wab-s1167-ps | — | — |
| elecom_co_ltd | wab-s1775 | — | — |
| elecom_co_ltd | wab-s300 | — | — |
| elecom_co_ltd | wab-s600-ps | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-08-18
Published