Vulnerability Description
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Elecom | Wab-S300Iw-Pd Firmware | All versions |
| Elecom | Wab-S300Iw-Pd | All versions |
| Elecom | Wab-S733Iw-Pd Firmware | All versions |
| Elecom | Wab-S733Iw-Pd | All versions |
| Elecom | Wrc-X1500Gsa-B Firmware | < 1.13 |
| Elecom | Wrc-X1500Gsa-B | All versions |
| Elecom | Wrc-X1500Gs-B Firmware | < 1.13 |
| Elecom | Wrc-X1500Gs-B | All versions |
| Elecom | Wab-S300Iw2-Pd Firmware | < 5.5.02 |
| Elecom | Wab-S300Iw2-Pd | All versions |
| Elecom | Wab-S300Iw-Ac Firmware | < 5.5.02 |
| Elecom | Wab-S300Iw-Ac | All versions |
| Elecom | Wab-S733Iw2-Pd Firmware | < 5.5.02 |
| Elecom | Wab-S733Iw2-Pd | All versions |
| Elecom | Wab-S733Iw-Ac Firmware | < 5.5.02 |
| Elecom | Wab-S733Iw-Ac | All versions |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN94012927/Third Party Advisory
- https://www.elecom.co.jp/news/security/20260203-01/Vendor Advisory
- https://www.elecom.co.jp/news/security/20260203-02/Vendor Advisory
FAQ
What is CVE-2026-24465?
CVE-2026-24465 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.
How severe is CVE-2026-24465?
CVE-2026-24465 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-24465?
Check the references section above for vendor advisories and patch information. Affected products include: Elecom Wab-S300Iw-Pd Firmware, Elecom Wab-S300Iw-Pd, Elecom Wab-S733Iw-Pd Firmware, Elecom Wab-S733Iw-Pd, Elecom Wrc-X1500Gsa-B Firmware.