CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-43689
https://notcve.org/view.php?id=CVE-2024-43689
21 Oct 2024 — Stack-based buffer overflow vulnerability exists in WAB-I1750-PS and WAB-S1167-PS. By processing a specially crafted HTTP request, arbitrary code may be executed. Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed. • https://jvn.jp/en/jp/JVN24885537 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39300
https://notcve.org/view.php?id=CVE-2024-39300
30 Aug 2024 — Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings. • https://jvn.jp/en/jp/JVN24885537 • CWE-306: Missing Authentication for Critical Function •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42412
https://notcve.org/view.php?id=CVE-2024-42412
30 Aug 2024 — Cross-site scripting vulnerability exists in WAB-I1750-PS and WAB-S1167-PS due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser. Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's... • https://jvn.jp/en/jp/JVN24885537 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •