Gratis scannen
Analyse in behandelingCVE-2026-25107

CVE-2026-25107: Configuration File Tampering in ELECOM WRC-X1800GS-B

Platform

linux

Component

elecom-wrc-x1800gs-b

Bekijk op NVD
Opslaan

CVE-2026-25107 affects ELECOM WRC-X1800GS-B Wireless LAN Access Points running versions 1.06 through 1.19. This vulnerability stems from the use of a hardcoded cryptographic key when backing up configuration files. An attacker possessing this key can modify these backups, potentially tricking administrators into restoring a malicious configuration, leading to unauthorized access or device compromise.

Impact en Aanvalsscenarioswordt vertaald…

The primary impact of this vulnerability is the potential for unauthorized configuration changes. An attacker who obtains the hardcoded encryption key can craft a malicious configuration file backup. If an administrator restores this crafted backup, the attacker gains control over the access point's settings. This could include altering the network name (SSID), changing the password, redirecting traffic, or even disabling security features. The blast radius extends to all devices connected to the compromised access point, as they would be subject to the attacker's manipulated network configuration. While direct remote code execution isn't possible, the ability to control network settings presents a significant security risk.

Uitbuitingscontextwordt vertaald…

As of the publication date (2026-05-13), this CVE has not been listed on KEV or EPSS. The CVSS score of 6.5 (Medium) indicates a moderate probability of exploitation. Public proof-of-concept (POC) code is currently unavailable, but the vulnerability's nature makes it likely that exploits will emerge if the vendor does not release a timely patch. Monitor security advisories and threat intelligence feeds for updates.

Dreigingsinformatie

Exploit Status

Proof of ConceptOnbekend
CISA KEVNO
InternetblootstellingHoog

CISA SSVC

Exploitatienone
Automatiseerbaarno
Technische Impactpartial

CVSS-vector

DREIGINGSINFORMATIE· CVSS 3.1CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N6.5MEDIUMAttack VectorNetworkHoe de aanvaller het doel bereiktAttack ComplexityLowVereiste omstandigheden om te exploiterenPrivileges RequiredNoneVereist authenticatieniveau voor aanvalUser InteractionRequiredOf het slachtoffer actie moet ondernemenScopeUnchangedImpact buiten het getroffen onderdeelConfidentialityNoneRisico op blootstelling van gevoelige dataIntegrityHighRisico op ongeautoriseerde gegevenswijzigingAvailabilityNoneRisico op verstoring van dienstennextguardhq.com · CVSS v3.1 Basisscore
Wat betekenen deze metrics?
Attack Vector
Netwerk — op afstand uitbuitbaar via internet. Geen fysieke of lokale toegang vereist.
Attack Complexity
Laag — geen speciale voorwaarden vereist. Betrouwbaar uitbuitbaar.
Privileges Required
Geen — geen authenticatie vereist om te exploiteren.
User Interaction
Vereist — slachtoffer moet een bestand openen, op een link klikken of een pagina bezoeken.
Scope
Ongewijzigd — impact beperkt tot het kwetsbare component.
Confidentiality
Geen — geen vertrouwelijkheidsimpact.
Integrity
Hoog — aanvaller kan alle gegevens schrijven, aanpassen of verwijderen.
Availability
Geen — geen beschikbaarheidsimpact.

Getroffen Software

Componentelecom-wrc-x1800gs-b
LeverancierELECOM CO.,LTD.
Minimumversie1.06
Maximumversiev1.19 and earlier

Zwakheidsclassificatie (CWE)

CWE-321

Tijdlijn

  1. Gereserveerd
  2. Gepubliceerd

Mitigatie en Workaroundswordt vertaald…

The primary mitigation is to upgrade the ELECOM WRC-X1800GS-B access point to a version that addresses this vulnerability (a patched version is expected from ELECOM). Until an upgrade is available, implement strict file integrity checks on all configuration backups. Verify the hash of any restored configuration file against a known good baseline. Limit access to the configuration backup functionality to authorized personnel only. Consider implementing a WAF or proxy to inspect traffic related to configuration file uploads and downloads, looking for suspicious patterns. After upgrade, confirm by verifying the configuration file backup process no longer uses the hardcoded key.

Hoe te verhelpenwordt vertaald…

Actualice el firmware del dispositivo ELECOM WRC-X1800GS-B a una versión corregida. Consulte el sitio web de ELECOM para obtener las últimas actualizaciones de firmware y las instrucciones de instalación.

Veelgestelde vragenwordt vertaald…

What is CVE-2026-25107 — Configuration File Tampering in ELECOM WRC-X1800GS-B?

CVE-2026-25107 is a medium-severity vulnerability affecting ELECOM WRC-X1800GS-B access points. It allows attackers with the hardcoded encryption key to tamper with configuration backups, potentially compromising device settings and network security.

Am I affected by CVE-2026-25107 in ELECOM WRC-X1800GS-B?

You are affected if you are using an ELECOM WRC-X1800GS-B access point running version 1.06 through 1.19. Check your device's firmware version to determine if you are vulnerable.

How do I fix CVE-2026-25107 in ELECOM WRC-X1800GS-B?

The recommended fix is to upgrade to a patched version of the firmware from ELECOM. Until an upgrade is available, implement strict file integrity checks and restrict access to configuration backups.

Is CVE-2026-25107 being actively exploited?

As of 2026-05-13, there are no reports of active exploitation. However, the vulnerability's nature suggests it could be exploited if a patch is not released promptly.

Where can I find the official ELECOM advisory for CVE-2026-25107?

Refer to the ELECOM website's security advisories section for the official advisory regarding CVE-2026-25107. Check their support pages for firmware updates and further details.

Is jouw project getroffen?

Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.

Gratis scannenCVEs zoeken
livefree scan

Probeer het nu — geen account

Upload een manifest (composer.lock, package-lock.json, WordPress pluginlijst…) of plak uw componentenlijst. U ontvangt direct een kwetsbaarheidsrapport. Een bestand uploaden is slechts het begin: met een account krijgt u continue monitoring, Slack/e-mail alerts, multi-project en white-label rapporten.

Manual scanSlack/email alertsscanZone.capMonitorWhite-label reports

Sleep uw afhankelijkheidsbestand hierheen

composer.lock, package-lock.json, requirements.txt, Gemfile.lock, pubspec.lock, Dockerfile...