Home

Description

Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B,WRC-2533GS2-B v1.69 and earlier, WRC-2533GS2-W, WRC-1167GST2, WRC-1167GS2-B, and WRC-1167GS2H-B. If a specially crafted file is uploaded by a remote authenticated attacker, arbitrary code may be executed on the product.

PUBLISHED Reserved 2025-06-17 | Published 2025-06-24 | Updated 2026-02-03 | Assigner jpcert




MEDIUM: 4.3CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

MEDIUM: 5.3CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

Unrestricted upload of file with dangerous type

Product status

v1.31 and earlier
affected

v1.34 and earlier
affected

v1.69 and earlier
affected

v1.69 and earlier
affected

v1.69 and earlier
affected

v1.74 and earlier
affected

v1.74 and earlier
affected

References

www.elecom.co.jp/news/security/20250624-01/

jvn.jp/en/jp/JVN39435597/

cve.org (CVE-2025-36519)

nvd.nist.gov (CVE-2025-36519)

Download JSON