Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
ELECOM wireless LAN access point devices do not require authentication to access some specific URLs. The affected product may be operated without authentication.
AnalysisAI
Unauthenticated remote access to ELECOM wireless LAN access points (WRC-BE72XSD, WRC-BE65QSD, WRC-W702 models) allows attackers to perform administrative operations via specific URLs that bypass authentication (CWE-288). With CVSS 4.0 score 9.3 (AV:N/AC:L/PR:N), this represents a critical access control failure enabling complete device compromise over the network. EPSS data not available; no confirmed active exploitation (not in CISA KEV) or public POC identified at time of analysis, though the vendor advisory from ELECOM and JPCERT coordination suggests real-world discovery.
Technical ContextAI
This vulnerability affects ELECOM's enterprise and consumer Wi-Fi 6E/7E access point product line (WRC-BE72XSD-B/BA, WRC-BE65QSD-B, WRC-W702-B running firmware v1.1.0-1.1.1). The issue is a classic authentication bypass (CWE-288: Authentication Bypass by Alternate Path/Channel) where the web management interface fails to enforce authentication checks on certain administrative URLs. In modern network appliances, every HTTP endpoint should validate session tokens or credentials, but path-based authorization flaws like this allow direct URL manipulation to reach privileged functions. The CPE strings identify the vendor as 'elecom_co.,ltd.' with specific model/firmware combinations vulnerable. This represents a fundamental access control failure in the device's embedded HTTP server implementation.
RemediationAI
Apply firmware updates from ELECOM immediately per security advisory at https://www.elecom.co.jp/news/security/20260512-01/. Specific patched firmware versions are not listed in available NVD data; consult the vendor advisory for exact fix releases for each model (WRC-BE72XSD-B/BA, WRC-BE65QSD-B, WRC-W702-B). Until patching, implement network-level compensating controls: (1) Disable remote administration features entirely if not required-trade-off is loss of remote management capability but eliminates internet-facing attack surface; (2) Restrict management interface access via firewall rules to specific trusted IP addresses only-reduces risk from guest networks and compromised IoT devices but requires maintaining IP allowlists; (3) Segment access point management VLANs from user/guest networks-limits lateral movement but requires VLAN-capable infrastructure; (4) Deploy intrusion detection to monitor unauthorized access attempts to management URLs-provides detection but not prevention. These mitigations do NOT fix the underlying authentication bypass and should be considered temporary until firmware patching is completed.
More in Wrc Be72Xsd B
View allOS command injection in ELECOM wireless LAN access points (WRC-BE72XSD, WRC-BE65QSD, WRC-W702 series) allows unauthentic
OS command injection in ELECOM wireless LAN access point devices allows authenticated administrators to execute arbitrar
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29940
GHSA-9v2f-mjhv-cgq5