Primary

Context

ELECOM WRC-1167GHBK2-S Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in the ELECOM WRC-1167GHBK2-S wireless LAN router, all versions. This vulnerability allows an authenticated attacker to execute arbitrary scripts in the web browser of users accessing the router's WebGUI.

Impact

Exploitation of this vulnerability allows for the execution of arbitrary scripts in the web browser of the user accessing the router's WebGUI.

Remediation

ELECOM has stated that this product is no longer supported and recommends users stop using it. As a temporary measure, users can change the WebGUI login password, avoid accessing other websites while logged into the WebGUI, close the web browser after finishing with the WebGUI, and delete the stored WebGUI password from the browser.

Added: Jun 24, 2025, 5:22 AM

Updated: Jun 24, 2025, 5:22 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.7

exploitability

4.6

remediation

8.3

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.7

exploitability

4.6

remediation

8.3

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ELECOM WRC-1167GHBK2-S Stored Cross-Site Scripting Vulnerability

Vulnerability

Impact

Remediation

Affected Products

ELECOM WRC-1167GHBK2-S

ELECOM WRH-733GBK

ELECOM WRH-733GWH

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating