CVE-2023-39455

Summary

CVE-2023-39455 is a critical OS command injection vulnerability affecting various ELECOM wireless LAN routers. Authenticated users can exploit this weakness by sending specially crafted requests, allowing them to execute arbitrary OS commands on the affected devices. The following models and versions are impacted: WRC-600GHBK-A, WRC-1467GHBK-A, WRC-1900GHBK-A, WRC-733FEBK2-A, WRC-F1167ACF2, WRC-1467GHBK-S, and WRC-1900GHBK-S, all versions. Successful exploitation could lead to unauthorized access, data theft, or system compromise. Users are advised to apply patches or updates as soon as they become available to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.