Home

Description

Unrestricted upload of file with dangerous type vulnerability exists in ELECOM wireless LAN routers. A specially crafted file may be uploaded to the affected product by a logged-in user with an administrative privilege, resulting in an arbitrary OS command execution.

PUBLISHED Reserved 2024-07-26 | Published 2024-08-01 | Updated 2026-05-12 | Assigner jpcert




MEDIUM: 6.8CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem types

Unrestricted upload of file with dangerous type

Product status

v1.32 and earlier
affected

v1.68 and earlier
affected

v1.68 and earlier
affected

v1.68 and earlier
affected

v1.30 and earlier
affected

v1.74 and earlier
affected

v1.74 and earlier
affected

v1.27 and earlier
affected

v1.26 and earlier
affected

v1.42 and earlier
affected

v1.42 and earlier
affected

References

www.elecom.co.jp/news/security/20240730-01/

jvn.jp/en/jp/JVN06672778/

cve.org (CVE-2024-34021)

nvd.nist.gov (CVE-2024-34021)

Download JSON