CVSS: 6.4EPSS: 0%CPEs: 8EXPL: 0CVE-2023-37561
https://notcve.org/view.php?id=CVE-2023-37561
13 Jul 2023 — Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. Affected products and versions are as follows: WRH-300WH-H v2.12 and earlier, WTC-300HWH v1.09 and earlier, WTC-C1167GC-B v1.17 and earlier, and WTC-C1167GC-W v1.17 and earlier. • https://jvn.jp/en/jp/JVN05223215 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-37560
https://notcve.org/view.php?id=CVE-2023-37560
13 Jul 2023 — Cross-site scripting vulnerability in WRH-300WH-H v2.12 and earlier, and WTC-300HWH v1.09 and earlier allows a remote unauthenticated attacker to inject an arbitrary script. • https://jvn.jp/en/jp/JVN05223215 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •