2 results (0.003 seconds)

CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0

Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. Affected products and versions are as follows: WRH-300WH-H v2.12 and earlier, WTC-300HWH v1.09 and earlier, WTC-C1167GC-B v1.17 and earlier, and WTC-C1167GC-W v1.17 and earlier. • https://jvn.jp/en/jp/JVN05223215 https://www.elecom.co.jp/news/security/20230711-01 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0

Cross-site scripting vulnerability in WRH-300WH-H v2.12 and earlier, and WTC-300HWH v1.09 and earlier allows a remote unauthenticated attacker to inject an arbitrary script. • https://jvn.jp/en/jp/JVN05223215 https://www.elecom.co.jp/news/security/20230711-01 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •