Primary

Context

ELECOM WRH-733GBK and WRH-733GWH OS Command Injection Vulnerability in Telnet Function

Vulnerability

A vulnerability allowing OS command injection has been identified in the telnet function of ELECOM wireless LAN routers WRH-733GBK and WRH-733GWH, all versions. This vulnerability allows remote unauthenticated attackers to execute arbitrary OS commands on the affected devices.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution on the affected router.

Remediation

ELECOM has announced that these products are no longer supported and recommends users stop using them. For WRC-1167GHBK2-S, a workaround is available by changing the WebGUI login password, avoiding access to other websites while logged into the WebGUI, closing the web browser after using the WebGUI, and deleting the stored WebGUI password from the browser.

Added: Jun 24, 2025, 5:32 AM

Updated: Jun 24, 2025, 5:32 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

7.0

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

7.0

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ELECOM WRH-733GBK and WRH-733GWH OS Command Injection Vulnerability in Telnet Function

Vulnerability

Impact

Remediation

Affected Products

ELECOM WRH-733GBK

ELECOM WRH-733GWH

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating