CVE-2024-22372: OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute...

Medium (6.8)

Description

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product.

Classification

CVE ID: CVE-2024-22372

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.8

CVSS Vector: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor: ELECOM CO.,LTD.

Product: WRC-X1500GS-B

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 0.12162 (share of scored vulnerabilities with an equal or lower EPSS score)

EPSS Date: 2025-03-11 (when was this score calculated)

Timeline