What the vulnerability does
01Description
OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution.
CVSS base score
7.2/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
February 3, 2026
CVE published
May 12, 2026
Record updated
External resources
03References
Related vulnerabilities
