PT-2024-29933 · Elecom · Elecom Wireless Access Points
Ryotak
·
Published
2024-08-29
·
Updated
2025-09-19
·
CVE-2024-42412
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
ELECOM wireless access points (affected versions not specified)
WAB-I1750-PS (affected versions not specified)
WAB-S1167-PS (affected versions not specified)
Description
A cross-site scripting vulnerability exists due to improper processing of input values in
menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser.Recommendations
For ELECOM wireless access points, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For WAB-I1750-PS, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For WAB-S1167-PS, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Elecom Wireless Access Points