Primary

Context

I-O Data Wireless LAN Routers OS Command Injection Vulnerability

Vulnerability

An OS command injection vulnerability has been identified in I-O Data wireless LAN routers WN-7D36QR and WN-7D36QR/UE, both running firmware through version 1.1.3. This vulnerability allows a remote authenticated attacker to execute arbitrary OS commands on the device.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution by a remote authenticated attacker.

Remediation

Users are advised to update the router's firmware to version 2.1.3. Firmware download instructions are available on the I-O Data support website.

Added: Sep 17, 2025, 4:21 AM

Updated: Sep 17, 2025, 4:21 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

I-O Data Wireless LAN Routers OS Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating