Primary

Context

ELECOM Wireless LAN Products Cross-Site Request Forgery Vulnerability

Vulnerability

Patched

A cross-site request forgery (CSRF) vulnerability has been identified in ELECOM wireless LAN routers WRC-X1500GS-B and WRC-X1500GSA-B, both version 1.12 and earlier. This vulnerability allows unintended actions to be performed on behalf of a user who is logged into the affected device and accesses a malicious webpage.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed on the affected device, potentially allowing attackers to manipulate settings or configurations without the user's consent.

Remediation

Users are advised to update the firmware of the affected models to version 1.13 or later. After updating, it is recommended to change the passwords for the admin page and Wi-Fi connection to strong, hard-to-guess alternatives.

Added: Feb 3, 2026, 7:22 AM

Updated: Feb 3, 2026, 7:22 AM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

5.8

remediation

8.3

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

5.8

remediation

8.3

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ELECOM Wireless LAN Products Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

ELECOM WRC-X1500GS-B

ELECOM WRC-X1500GSA-B

ELECOM WAB-S733IW2-PD

ELECOM WAB-S733IW-AC

ELECOM WAB-S300IW2-PD

ELECOM WAB-S300IW-AC

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating