← voltar
CVE-2023-40072

CVE-2023-40072

CVSS 8.8 HIGHEPSS 1.6%CWE-78
OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
ELECOM CO.,LTD. · WAB-I1750-PSELECOM CO.,LTD. · WAB-M1775-PSELECOM CO.,LTD. · WAB-M2133ELECOM CO.,LTD. · WAB-S1167ELECOM CO.,LTD. · WAB-S1167-PSELECOM CO.,LTD. · WAB-S1775ELECOM CO.,LTD. · WAB-S300ELECOM CO.,LTD. · WAB-S600-PS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://jvn.jp/en/vu/JVNVU91630351/https://www.elecom.co.jp/news/security/20230810-01/https://www.elecom.co.jp/news/security/20231114-01/