漏洞标题
N/A
漏洞描述信息
在ELECOM路由器上运行的OS命令注入漏洞(WRC-1167GST2 firmware v1.25和之前,WRC-1167GST2A firmware v1.25和之前,WRC-1167GST2H firmware v1.25和之前,WRC-2533GS2-B firmware v1.52和之前,WRC-2533GS2-W firmware v1.52和之前,WRC-1750GS firmware v1.03和之前,WRC-1750GSV firmware v2.11和之前,WRC-1900GST firmware v1.03和之前,WRC-2533GST firmware v1.03和之前,WRC-2533GSTA firmware v1.03和之前,WRC-2533GST2 firmware v1.25和之前,WRC-2533GST2SP firmware v1.25和之前,WRC-2533GST2-G firmware v1.25和之前,和EDWRC-2533GST2 firmware v1.25和之前)允许网络相邻的已验证的黑客通过未指定的向量执行具有root权限的任意OS命令。
CVSS信息
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
OS command injection vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attackers to execute an arbitrary OS command with the root privilege via unspecified vectors.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Elecom Edwrc 操作系统操作系统命令注入漏洞
漏洞描述信息
Elecom Edwrc是日本Elecom公司的一系列路由器。 Elecom Edwrc 存在操作系统命令注入漏洞,该漏洞源于ELECOM路由器外部输入数据构造可执行命令过程中,网络系统或产品未正确过滤其中的特殊元素。攻击者可利用该漏洞执行非法命令。
CVSS信息
N/A
漏洞类别
授权问题