Home

Description

Cross-site request forgery vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed.

PUBLISHED Reserved 2026-01-30 | Published 2026-02-03 | Updated 2026-02-03 | Assigner jpcert




MEDIUM: 4.3CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

MEDIUM: 5.1CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

Cross-site request forgery (CSRF)

Product status

v1.12 and earlier versions
affected

v1.12 and earlier versions
affected

References

www.elecom.co.jp/news/security/20260203-01/

jvn.jp/en/jp/JVN94012927/

cve.org (CVE-2026-20704)

nvd.nist.gov (CVE-2026-20704)

Download JSON