CVE-2026-42961

MEDIUM NVD

CVSS Score 4.3

Severity MEDIUM

Published May 13, 2026

Vendor unknown

Description

ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations.

References

https://jvn.jp/en/jp/JVN03037325/
https://www.elecom.co.jp/news/security/20260512-01/