CVE-2026-25107: Configuration File Tampering in ELECOM WRC-X1800GS-B
Platform
linux
Component
elecom-wrc-x1800gs-b
CVE-2026-25107 affects ELECOM WRC-X1800GS-B Wireless LAN Access Points running firmware versions 1.06 through 1.19. The vulnerability stems from the use of a hardcoded cryptographic key to protect exported configuration-file backups. Because the key is embedded in the firmware rather than being unique per device or per user, anyone who extracts it can decrypt, alter and re-encrypt a backup so that the device accepts it on restore. If an administrator restores such a tampered backup, the attacker's settings take effect, leading to unauthorized access to the network or compromise of the device's configuration.
Impact and Attack Scenarios
The primary impact of this vulnerability is unauthorized configuration change. An attacker who obtains the hardcoded encryption key can craft a malicious configuration backup that the device will accept. If an administrator restores this crafted backup, the attacker controls the access point's settings: altering the network name (SSID), changing passwords, redirecting traffic (for example through DNS or routing settings), or disabling security features. The blast radius extends to every client of the compromised access point, since all of them are subject to the manipulated network configuration. The attack requires an administrator to perform the restore, and the weakness is one of configuration integrity rather than code execution, but control over the network settings is still a significant security risk.
Exploitation Context
As of the publication date (2026-05-13), this CVE is not in CISA's KEV catalog and no EPSS score has been published for it. The CVSS base score of 6.5 (Medium) measures severity, not likelihood of exploitation; the User Interaction: Required metric reflects that an administrator must restore the tampered backup. No public proof-of-concept code is known. Because a hardcoded key is shared by every device in the affected version range, a tampering tool built around it would apply to all of them once the key is extracted, so monitor security advisories and threat intelligence feeds for updates.
CVSS Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N (base score 6.5, Medium)
What do these metrics mean?
- Attack Vector: Network. The tampered backup can be supplied to the administrator remotely; no physical or local access to the device is required.
- Attack Complexity: Low. No special conditions are needed; the hardcoded key is the same on every affected device, so a crafted backup works reliably.
- Privileges Required: None. The attacker needs no account on the access point.
- User Interaction: Required. An administrator must restore the crafted backup for the attack to succeed.
- Scope: Unchanged. The impact is confined to the vulnerable access point itself.
- Confidentiality: None. The metric records no confidentiality impact.
- Integrity: High. The attacker dictates the restored configuration, including settings such as SSID, passwords and traffic handling.
- Availability: None. The metric records no availability impact; the device keeps operating.
Affected Software
- ELECOM WRC-X1800GS-B, firmware versions 1.06 through 1.19
Weakness Classification (CWE)
- Use of a hard-coded cryptographic key
Timeline
- Reserved
- Published: 2026-05-13
Mitigation and Workarounds
The primary mitigation is to upgrade the ELECOM WRC-X1800GS-B to a firmware version that addresses this vulnerability (a patched version is expected from ELECOM). Until an upgrade is available, treat every configuration backup as untrusted until proven otherwise: record a hash of each backup at export time, keep that record (and ideally a keyed HMAC over the file) somewhere the attacker cannot write, and verify the file against it immediately before any restore. Store backups themselves in a location with restricted write access, and limit the backup and restore functions of the management interface to authorized personnel. Keep the management interface off the WAN side so that a crafted backup cannot be uploaded from the internet. Inspection of backup uploads and downloads by a WAF or proxy is of limited value here, because the file is opaque ciphertext and the restore is performed by a legitimate administrator. After upgrading, confirm that the installed firmware is the fixed version and re-export your configuration so that the stored backup was produced by the patched firmware rather than by a vulnerable one.
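One way to implement the pre-restore integrity check described above, as an added example that is not ELECOM's code or tooling and does not depend on the device's backup format: the operator records a SHA-256 digest and a keyed HMAC for each exported backup, and refuses to restore a file that no longer matches. The backup bytes here are a constructed placeholder, and the manifest key, labels and function names are hypothetical.

```python
import hashlib
import hmac
import json
import secrets


# Hypothetical operator-held key. Keep it somewhere the router and the backup
# store cannot reach: an attacker who can rewrite the backup file must not be
# able to recompute the manifest as well.
def new_manifest_key() -> bytes:
    return secrets.token_bytes(32)


def build_manifest(backup: bytes, manifest_key: bytes, label: str) -> dict:
    """Record a freshly exported backup: size, SHA-256 and a keyed HMAC."""
    return {
        "label": label,
        "size": len(backup),
        "sha256": hashlib.sha256(backup).hexdigest(),
        "hmac_sha256": hmac.new(manifest_key, backup, hashlib.sha256).hexdigest(),
    }


def verify_backup(backup: bytes, manifest: dict, manifest_key: bytes) -> tuple[bool, str]:
    """Check a backup against its manifest before uploading it to the restore page."""
    if len(backup) != manifest["size"]:
        return False, "size mismatch"
    if hashlib.sha256(backup).hexdigest() != manifest["sha256"]:
        return False, "sha256 mismatch"
    expected = hmac.new(manifest_key, backup, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["hmac_sha256"]):
        return False, "hmac mismatch"
    return True, "ok"


# Constructed stand-in for the opaque encrypted export; the real file format
# is not described by the advisory.
SAMPLE_BACKUP = bytes(range(256)) * 4


def demo() -> dict:
    key = new_manifest_key()
    manifest = build_manifest(SAMPLE_BACKUP, key, "wrc-x1800gs-b-2026-05-13")

    clean_ok, _ = verify_backup(SAMPLE_BACKUP, manifest, key)

    # An attacker who knows the device's hardcoded key can decrypt, edit and
    # re-encrypt the file; simulated here as a same-length byte change.
    tampered = bytearray(SAMPLE_BACKUP)
    tampered[100] ^= 0x01
    tampered = bytes(tampered)
    _, tampered_reason = verify_backup(tampered, manifest, key)

    # If the manifest sits next to the backup with only a plain hash, the same
    # attacker simply recomputes it. The HMAC still fails without the operator key.
    forged = dict(manifest, size=len(tampered), sha256=hashlib.sha256(tampered).hexdigest())
    _, forged_reason = verify_backup(tampered, forged, key)

    return {"clean": clean_ok, "tampered": tampered_reason, "forged_manifest": forged_reason}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The plain SHA-256 only helps if the manifest is stored where the attacker cannot write; the HMAC covers the case where backup and manifest sit in the same share, because recomputing it needs the operator key. Neither check replaces the firmware fix: it only makes a tampered backup visible before an administrator restores it.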
How to fix
Update the firmware of the ELECOM WRC-X1800GS-B device to a fixed version. Check the ELECOM website for the latest firmware updates and installation instructions.
Frequently asked questions
What is CVE-2026-25107 — Configuration File Tampering in ELECOM WRC-X1800GS-B?
CVE-2026-25107 is a medium-severity vulnerability affecting ELECOM WRC-X1800GS-B access points. It allows attackers with the hardcoded encryption key to tamper with configuration backups, potentially compromising device settings and network security.
Am I affected by CVE-2026-25107 in ELECOM WRC-X1800GS-B?
You are affected if you are using an ELECOM WRC-X1800GS-B access point running firmware version 1.06 through 1.19. Check the firmware version shown in the device's management interface to determine whether you are vulnerable.
How do I fix CVE-2026-25107 in ELECOM WRC-X1800GS-B?
The recommended fix is to upgrade to a patched version of the firmware from ELECOM. Until an upgrade is available, implement strict file integrity checks and restrict access to configuration backups.
Is CVE-2026-25107 being actively exploited?
As of 2026-05-13, there are no reports of active exploitation. However, the vulnerability's nature suggests it could be exploited if a patch is not released promptly.
Where can I find the official ELECOM advisory for CVE-2026-25107?
Refer to the ELECOM website's security advisories section for the official advisory regarding CVE-2026-25107. Check their support pages for firmware updates and further details.