Volerion logoVolerion
Volerion logoVolerion

ELECOM Wireless LAN Routers OS Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in several models of ELECOM wireless LAN routers, including the WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN. This vulnerability allows remote authenticated attackers to execute arbitrary operating system commands by sending specially crafted requests through the Connection Diagnostics page. The issue arises from improper handling of special characters that could be used to manipulate command execution.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution on the affected router.

Remediation

Users are advised to update the router's firmware to the latest version. Instructions for checking the current firmware version and performing the update are available on the ELECOM website.

Added: Jun 24, 2025, 5:26 AM
Updated: Jun 24, 2025, 5:26 AM

Vulnerability Rating

Custom Algorithm
spread
2.6
impact
10.0
exploitability
4.9
remediation
7.7
relevance
0.2
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.