PT-2026-40600 · Elecom · Wireless Lan Access Point
Published
2026-05-13
·
Updated
2026-05-13
·
CVE-2026-42950
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
ELECOM wireless LAN access point devices (affected versions not specified)
Description
These devices fail to validate whether the
language parameter contains an appropriate value. This allows for Cross-Site Scripting (XSS), a flaw where malicious scripts are injected into trusted websites. If an authenticated user visits a malicious page, the administration page in their web browser may be corrupted.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Check for Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wireless Lan Access Point