Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
CVE-2026-40621: ELECOM Wireless LAN Access Point Authentication Bypass
CVE-2026-40621
Summary
Some ELECOM wireless LAN access points do not require a password to access certain settings. This means that anyone with access to the device can make changes without needing a password. You should update your access points to the latest software version to fix this issue.
Original title
ELECOM wireless LAN access point devices do not require authentication to access some specific URLs. The affected product may be operated without authentication.
Original description
ELECOM wireless LAN access point devices do not require authentication to access some specific URLs. The affected product may be operated without authentication.
nvd CVSS3.0
9.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-288
Authentication Bypass Using Alternate Path
Published: 13 May 2026 · Updated: 28 May 2026 · First seen: 13 May 2026