Hidden Functionality Issue in WRC-BE36QS-B and WRC-W701-B by Elecom
CVE-2025-46267

6.9MEDIUM

Key Information:

Vendor: Elecom Co.,ltd.
Status: Wrc-be36qs-b; Wrc-w701-b
Vendor: CVE Published:; 22 July 2025

🔔 Create Elecom Co.,ltd. Vulnerability Alert

What is CVE-2025-46267?

A hidden functionality issue has been identified in Elecom's WRC-BE36QS-B and WRC-W701-B products. This vulnerability allows an attacker, who can gain access to the WebGUI, to enable a hidden debug function remotely. This could potentially provide unauthorized users with insight into the system, leading to security risks. It is crucial for users of these products to be aware of this exploit and to ensure that appropriate security measures are in place.

Affected Version(s)

WRC-BE36QS-B v1.1.3 and earlier

WRC-W701-B v1.1.3 and earlier

References

https://www.elecom.co.jp/news/security/20250722-01/

https://jvn.jp/en/vu/JVNVU91615135/

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2025
Vulnerability Reserved
Jul 11, 2025