CVE-2026-24449 — MEDIUM (4.6)

Vulnerability Description

For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information.

CVSS Score

4.6

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Elecom	Wrc-X1500Gsa-B Firmware	All versions
Elecom	Wrc-X1500Gsa-B	-
Elecom	Wrc-X1500Gs-B Firmware	All versions
Elecom	Wrc-X1500Gs-B	-

Related Weaknesses (CWE)

CWE-1391

References

https://jvn.jp/en/jp/JVN94012927/Third Party Advisory
https://www.elecom.co.jp/news/security/20260203-01/Vendor Advisory

FAQ

What is CVE-2026-24449?

CVE-2026-24449 is a vulnerability with a CVSS score of 4.6 (MEDIUM). For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information.

How severe is CVE-2026-24449?

CVE-2026-24449 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-24449?

Check the references section above for vendor advisories and patch information. Affected products include: Elecom Wrc-X1500Gsa-B Firmware, Elecom Wrc-X1500Gsa-B, Elecom Wrc-X1500Gs-B Firmware, Elecom Wrc-X1500Gs-B.