CVE-2024-29225
MEDIUMWRC-X3200GST3-B <1.25 & WRC-G01-W <1.24 - Info Disclosure
Title source: llmDescription
ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request.
References (2)
Core 2
Core References
Various Sources
https://www.elecom.co.jp/news/security/20240326-01/
Third Party Advisory
https://jvn.jp/en/vu/JVNVU95381465/
Scores
CVSS v3
4.3
EPSS
0.0025
EPSS Percentile
16.2%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-552
Status
published
Products (5)
ELECOM CO.,LTD./WMC-2LX-B
v1.42 and earlier
ELECOM CO.,LTD./WMC-X1800GST-B
v1.42 and earlier
ELECOM CO.,LTD./WRC-G01-W
v1.24 and earlier
ELECOM CO.,LTD./WRC-X3200GST3-B
v1.25 and earlier
ELECOM CO.,LTD./WSC-X1800GS-B
v1.42 and earlier
Published
Apr 04, 2024
Tracked Since
Feb 18, 2026