Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser.
AnalysisAI
Stored cross-site scripting vulnerability in ELECOM wireless LAN access point devices (WAB-BE187-M, WAB-BE72-M, WAB-BE36-M, WAB-BE36-S) allows authenticated administrators to inject malicious scripts that execute in other administrators' web browsers when they access the device management interface. Exploitation requires high-privilege administrative credentials and user interaction (victim must visit the admin panel), limiting real-world risk despite network-accessible attack surface.
Technical ContextAI
This is a CWE-79 stored (persistent) cross-site scripting vulnerability in the device's web-based administration interface. ELECOM access points provide network management functions through an HTTP/HTTPS web portal; the vulnerability exists because the device fails to properly sanitize or encode user-supplied input from one administrator before storing and displaying it to other administrators. The attack vector is network-based (AV:N) but requires high-privilege credentials (PR:H) and relies on rendering of unsanitized data in a browser context, making this a client-side injection attack rather than server-side code execution. The scope is changed (S:C), indicating the vulnerability can affect other users beyond the authenticated administrator.
RemediationAI
Consult ELECOM's official security advisory at https://www.elecom.co.jp/news/security/20260512-01/ for firmware update availability and exact patched versions for each model (WAB-BE187-M, WAB-BE72-M, WAB-BE36-M, WAB-BE36-S). If patches are available, upgrade firmware to the latest version specified by ELECOM. As a compensating control pending patch availability, restrict administrative web interface access to trusted internal networks only using network ACLs or firewall rules, preventing untrusted administrators from accessing the device. Additionally, disable or restrict administrative interface access from the internet (disable remote management if supported) and implement strong access controls to limit the number of accounts with high-privilege administrative rights. Monitor access logs for suspicious administrative activity or unexpected configuration changes. These controls reduce attack surface but do not eliminate the vulnerability if multiple trusted administrators are required to co-manage the device.
More in Wab Be187 M
View allCross-site request forgery (CSRF) in ELECOM wireless LAN access points (WAB-BE187-M, WAB-BE72-M, WAB-BE36-M, WAB-BE36-S)
ELECOM wireless LAN access point models WAB-BE187-M, WAB-BE72-M, WAB-BE36-M, and WAB-BE36-S fail to validate the languag
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29942
GHSA-2xgj-qg94-hr45