CVE-2026-42062

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required.

More information : https://jvn.jp/en/jp/JVN03037325/