Description
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.
References (3)
Core 3
Core References
Various Sources
https://www.elecom.co.jp/news/security/20260203-02/
Various Sources
https://www.elecom.co.jp/news/security/20260203-01/
Third Party Advisory
https://jvn.jp/en/jp/JVN94012927/
Scores
CVSS v3
9.8
EPSS
0.0075
EPSS Percentile
49.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-121
Status
published
Products (14)
elecom/wab-s300iw-ac_firmware
< 5.5.02
elecom/wab-s300iw-pd_firmware
elecom/wab-s300iw2-pd_firmware
< 5.5.02
elecom/wab-s733iw-ac_firmware
< 5.5.02
elecom/wab-s733iw-pd_firmware
elecom/wab-s733iw2-pd_firmware
< 5.5.02
elecom/wrc-x1500gs-b_firmware
< 1.13
elecom/wrc-x1500gsa-b_firmware
< 1.13
ELECOM CO.,LTD./WAB-S300IW-AC
v5.5.00 and earlier versions
ELECOM CO.,LTD./WAB-S300IW-PD
all versions
... and 4 more
Published
Feb 03, 2026
Tracked Since
Feb 18, 2026