CVE-2025-53472

CVSS 8.6 HIGHEPSS 1.1%CWE-78

WRC-BE36QS-B and WRC-W701-B contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in WebGUI. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to WebGUI.

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Produtos afetados

ELECOM CO.,LTD. · WRC-BE36QS-B ELECOM CO.,LTD. · WRC-W701-B

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://jvn.jp/en/vu/JVNVU91615135/https://www.elecom.co.jp/news/security/20250722-01/