Published:2026/02/03  Last Updated:2026/02/03

JVN#94012927
Multiple vulnerabilities in ELECOM wireless LAN products

Overview

Wireless LAN products provided by ELECOM CO.,LTD. contain multiple vulnerabilities.

Products Affected

CVE-2026-20704, CVE-2026-22550

  • WRC-X1500GS-B v1.12 and earlier versions
  • WRC-X1500GSA-B v1.12 and earlier versions
CVE-2026-24449
  • WRC-X1500GS-B all versions
  • WRC-X1500GSA-B all versions
CVE-2026-24465
  • WAB-S733IW2-PD v5.5.00 and earlier versions
  • WAB-S733IW-AC v5.5.00 and earlier versions
  • WAB-S733IW-PD all versions
  • WAB-S300IW2-PD v5.5.00 and earlier versions
  • WAB-S300IW-AC v5.5.00 and earlier versions
  • WAB-S300IW-PD all versions

Description

Wireless LAN products provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. 

  • Cross-site request forgery (CWE-352)
    • CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.1
    • CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 4.3
    • CVE-2026-20704
  • OS command injection (CWE-78)
    • CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.6
    • CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 7.2
    • CVE-2026-22550
  • Use of weak credentials (CWE-1391)
    • CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 5.1
    • CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score 4.6
    • CVE-2026-24449
  • Stack-based buffer overflow (CWE-121)
    • CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 9.3
    • CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8
    • CVE-2026-24465

Impact

  • If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed. (CVE-2026-20704)
  • An arbitrary OS command may be executed by a logged-in user. (CVE-2026-22550)
  • The initial passwords can be calculated easily from the system information. (CVE-2026-24449)
  • A crafted packet may lead to arbitrary code execution. (CVE-2026-24465)

Solution

Update and configure the firmware properly, or Stop using the products
The updated firmwares are available to fix these issues for the supported models.
​Update the firmware to the latest version according to the information provided by the developer.
WAB-S733IW-PD and WAB-S300IW-PD are no longer supported, therefore stop using these models.

After updating the firmware, change the passwords for the admin page and Wi-Fi connection to a strong, hard-to-guess, ones.

Vendor Status

Vendor Status Last Update Vendor Notes
ELECOM CO.,LTD. Vulnerable 2026/02/03 ELECOM CO.,LTD. website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

CVE-2026-20704, CVE-2026-22550
Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2026-24449
Soh Satoh reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2026-24465
MASAHIRO IIDA of LAC Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2026-20704
CVE-2026-22550
CVE-2026-24449
CVE-2026-24465
JVN iPedia JVNDB-2026-000019