Versio.io

CVE-2022-25915

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 31-03-2022 11:15
Last modified: - 08-04-2022 08:30
Total changes: - 2

Description

Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to bypass access restriction and to access the management screen of the product via unspecified vectors.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Adjacent
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
8.8
Base score
2.8
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=elecom AND product=wrc-1167gst2_firmware AND versionEndIncluding=1.25
OR
vendor=elecom AND product=wrc-1167gst2 AND version=-
AND
OR
vendor=elecom AND product=wrc-1167gst2a_firmware AND versionEndIncluding=1.25
OR
vendor=elecom AND product=wrc-1167gst2a AND version=-
AND
OR
vendor=elecom AND product=wrc-1167gst2h_firmware AND versionEndIncluding=1.25
OR
vendor=elecom AND product=wrc-1167gst2h AND version=-
AND
OR
vendor=elecom AND product=wrc-2533gs2-b_firmware AND versionEndIncluding=1.52
OR
vendor=elecom AND product=wrc-2533gs2-b AND version=-
AND
OR
vendor=elecom AND product=wrc-2533gs2-w_firmware AND versionEndIncluding=1.52
OR
vendor=elecom AND product=wrc-2533gs2-w AND version=-
AND
OR
vendor=elecom AND product=wrc-1750gs_firmware AND versionEndIncluding=1.03
OR
vendor=elecom AND product=wrc-1750gs AND version=-
AND
OR
vendor=elecom AND product=wrc-1750gsv_firmware AND versionEndIncluding=2.11
OR
vendor=elecom AND product=wrc-1750gsv AND version=-
AND
OR
vendor=elecom AND product=wrc-1900gst_firmware AND versionEndIncluding=1.03
OR
vendor=elecom AND product=wrc-1900gst AND version=-
AND
OR
vendor=elecom AND product=wrc-2533gst_firmware AND versionEndIncluding=1.03
OR
vendor=elecom AND product=wrc-2533gst AND version=-
AND
OR
vendor=elecom AND product=wrc-2533gst2_firmware AND versionEndIncluding=1.25
OR
vendor=elecom AND product=wrc-2533gst2 AND version=-
AND
OR
vendor=elecom AND product=wrc-2533gsta_firmware AND versionEndIncluding=1.03
OR
vendor=elecom AND product=wrc-2533gsta AND version=-
AND
OR
vendor=elecom AND product=wrc-2533gst2sp_firmware AND versionEndIncluding=1.25
OR
vendor=elecom AND product=wrc-2533gst2sp AND version=-
AND
OR
vendor=elecom AND product=wrc-2533gst2-g_firmware AND versionEndIncluding=1.25
OR
vendor=elecom AND product=wrc-2533gst2-g AND version=-
AND
OR
vendor=elecom AND product=edwrc-2533gst2_firmware AND versionEndIncluding=1.25
OR
vendor=elecom AND product=edwrc-2533gst2 AND version=-
AND
OR
vendor=elecom AND product=wrc-1167gs2-b_firmware AND versionEndIncluding=1.65
OR
vendor=elecom AND product=wrc-1167gs2-b AND version=-
AND
OR
vendor=elecom AND product=wrc-1167gs2h-b_firmware AND versionEndIncluding=1.65
OR
vendor=elecom AND product=wrc-1167gs2h-b AND version=-
AND
OR
vendor=elecom AND product=wmc-dlgst2-w_firmware AND versionEndIncluding=1.24
OR
vendor=elecom AND product=wmc-dlgst2-w AND version=-
AND
OR
vendor=elecom AND product=wmc-m1267gst2-w_firmware AND versionEndIncluding=1.24
OR
vendor=elecom AND product=wmc-m1267gst2-w AND version=-
AND
OR
vendor=elecom AND product=wmc-2hc-w_firmware AND versionEndIncluding=1.24
OR
vendor=elecom AND product=wmc-2hc-w AND version=-
AND
OR
vendor=elecom AND product=wmc-c2533gst-w_firmware AND versionEndIncluding=1.24
OR
vendor=elecom AND product=wmc-c2533gst-w AND version=-
AND
OR
vendor=elecom AND product=wrc-1900gst2_firmware AND versionEndIncluding=1.15
OR
vendor=elecom AND product=wrc-1900gst2 AND version=-
AND
OR
vendor=elecom AND product=wrc-1900gst2sp_firmware AND versionEndIncluding=1.15
OR
vendor=elecom AND product=wrc-1900gst2sp AND version=-
AND
OR
vendor=elecom AND product=wrc-1750gst2_firmware AND versionEndIncluding=1.14
OR
vendor=elecom AND product=wrc-1750gst2 AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2022-25915

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.