Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

WMC-2LX-B

Source -

CNA

CNA CVEs -

4

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
4Vulnerabilities found
CVE-2024-34021
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.8||MEDIUM
EPSS-0.08% / 24.19%
||
7 Day CHG~0.00%
Published-01 Aug, 2024 | 01:15
Updated-12 May, 2026 | 08:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted upload of file with dangerous type vulnerability exists in ELECOM wireless LAN routers. A specially crafted file may be uploaded to the affected product by a logged-in user with an administrative privilege, resulting in an arbitrary OS command execution.

Action-Not Available
Vendor-Elecom Co., Ltd.
Product-WRC-2533GS2V-BWRC-G01-WWRC-1167GS2-BWMC-2LX-BWRC-1167GST2WMC-X1800GST-BWRC-X3200GST3-BWRC-2533GS2-WWRC-2533GS2-BWRC-1167GS2H-BWRC-2533GST2wrc-2533gst2_firmwarewrc-2533gs2-w_firmwarewrc-2533gs2v-b_firmwarewrc-2533gs2-b_firmware
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-29225
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-4.3||MEDIUM
EPSS-0.05% / 16.95%
||
7 Day CHG~0.00%
Published-04 Apr, 2024 | 00:04
Updated-12 May, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request.

Action-Not Available
Vendor-Elecom Co., Ltd.
Product-WRC-G01-WWMC-2LX-BWMC-X1800GST-BWRC-X3200GST3-BWSC-X1800GS-B
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CVE-2024-26258
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-7.1||HIGH
EPSS-0.22% / 44.27%
||
7 Day CHG~0.00%
Published-04 Apr, 2024 | 00:03
Updated-12 May, 2026 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with credentials to execute arbitrary OS commands by sending a specially crafted request to the product.

Action-Not Available
Vendor-Elecom Co., Ltd.
Product-WRC-G01-WWMC-2LX-BWRC-1167GST2WMC-X1800GST-BWRC-X3200GST3-BWSC-X1800GS-BWRC-2533GST2wrc-g01-w_firmwarewrc-x3200gst3-b_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-39454
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.73% / 72.99%
||
7 Day CHG+0.18%
Published-18 Aug, 2023 | 09:41
Updated-12 May, 2026 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code.

Action-Not Available
Vendor-Elecom Co., Ltd.
Product-wrc-x1800gsa-b_firmwarewrc-x1800gs-b_firmwarewrc-x1800gsh-bwrc-x1800gsa-bwrc-x1800gs-bwrc-x1800gsh-b_firmwareWMC-2LX2-BWRC-X1800GS-BWMC-2LX-BWRC-X3000GS3A-BWMC-X1800GST-BWSC-X1800GS2-BWRC-X1800GSH-BWRC-X6000QS-GWRC-X3000GS3-BWSC-X1800GS-BWRC-X6000QSA-GWMC-X1800GST2-BWRC-X1800GSA-Bwrc-x1800gsh-bwrc-x1800gs-bwrc-x1800gsa-b
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')