Primary

Context

ELECOM Wireless LAN Access Points Inadequate CSRF Protection Vulnerability

Vulnerability

A vulnerability exists in various ELECOM wireless LAN access point models due to inadequate handling of Cross-Site Request Forgery (CSRF) tokens. While these devices implement a CSRF protection mechanism, the implementation is flawed, allowing logged-in users to be tricked into performing unintended actions. This vulnerability affects multiple access point models through specific firmware versions.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed by a logged-in user on the affected device.

Remediation

Users are advised to update the firmware to the latest version available for their specific ELECOM wireless LAN access point model.

Added: May 13, 2026, 4:09 PM

Updated: May 13, 2026, 4:09 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

5.6

remediation

0.0

relevance

8.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

5.6

remediation

0.0

relevance

8.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ELECOM Wireless LAN Access Points Inadequate CSRF Protection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

ELECOM WAB-BE187-M

ELECOM WAB-BE72-M

ELECOM WAB-BE36-M

ELECOM WAB-BE36-S

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating