CVE-2026-42950

MEDIUM

Elecom Co.,ltd. WAB-BE187-M - Improper Check for Unusual or Exceptional Conditions

Title source: rule
STIX 2.1

Description

ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken.

References (2)

Core 2

Scores

CVSS v3 4.3
EPSS 0.0021
EPSS Percentile 10.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-754
Status published
Products (4)
ELECOM CO.,LTD./WAB-BE187-M v1.1.10 and earlier
ELECOM CO.,LTD./WAB-BE36-M v1.1.3 and earlier
ELECOM CO.,LTD./WAB-BE36-S v1.1.3 and earlier
ELECOM CO.,LTD./WAB-BE72-M v1.1.3 and earlier
Published May 13, 2026
Tracked Since May 13, 2026