CVE-2025-36519: Unrestricted upload of file with dangerous type in ELECOM CO.,LTD. WRC-2533GST2
Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B, WRC-2533GS2-B v1.69 and earlier, WRC-2533GS2-W, WRC-1167GST2, WRC-1167GS2-B, and WRC-1167GS2H-B. If a specially crafted file is uploaded by a remote authenticated attacker, arbitrary code may be executed on the product.
AI Analysis
Technical Summary
CVE-2025-36519 is a vulnerability identified in several ELECOM CO.,LTD. wireless router models, including WRC-2533GST2, WRC-1167GST2, and related variants, specifically in firmware versions 1.69 and earlier. The issue stems from insufficient validation of file uploads, which allows authenticated remote attackers to upload files of dangerous types without restriction. This flaw can be exploited to execute arbitrary code on the device, compromising its integrity. The attack requires network access and valid credentials, but no additional user interaction. The vulnerability does not impact confidentiality or availability directly but poses a risk to device integrity and control. No public exploits have been reported yet, but the potential for arbitrary code execution makes it a significant concern. The CVSS 3.0 base score of 4.3 reflects the medium severity, factoring in the network attack vector, low attack complexity, and required privileges. The vulnerability affects a range of ELECOM routers widely used in small to medium enterprise and possibly home environments. The lack of available patches at the time of reporting necessitates interim mitigations to reduce risk. Attackers exploiting this vulnerability could gain persistent control over affected devices, potentially using them as footholds for further network compromise or lateral movement.
Potential Impact
For European organizations, the primary impact of CVE-2025-36519 lies in the potential compromise of network infrastructure devices, specifically ELECOM wireless routers. Successful exploitation could allow attackers to execute arbitrary code, leading to unauthorized configuration changes, installation of malicious firmware, or use of the device as a pivot point for further attacks within the network. This undermines the integrity of network operations and could facilitate espionage, data exfiltration, or disruption of services indirectly. Organizations relying on these routers for critical connectivity or security segmentation may face increased risk of persistent intrusions. The requirement for authentication limits exposure but does not eliminate risk, especially if credential management is weak or default credentials are in use. Given the medium severity, the threat is moderate but could escalate if combined with other vulnerabilities or poor security practices. European entities in sectors such as telecommunications, manufacturing, or SMEs using ELECOM equipment should be particularly vigilant.
Mitigation Recommendations
1. Apply firmware updates from ELECOM as soon as they are released to address this vulnerability.
2. Restrict administrative access to the routers by limiting management interfaces to trusted IP addresses or VPNs.
3. Enforce strong authentication mechanisms, including changing default credentials and implementing multi-factor authentication if supported.
4. Monitor router logs and network traffic for unusual file upload activities or unauthorized access attempts.
5. Segment network infrastructure to isolate critical devices and reduce the attack surface.
6. Disable or restrict file upload functionality if not required for normal operations.
7. Conduct regular security audits and vulnerability assessments on network devices.
8. Educate network administrators about the risks of this vulnerability and best practices for secure device management.
9. Consider deploying network intrusion detection systems capable of identifying anomalous behavior related to device compromise.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Belgium, Sweden, Poland, Czech Republic
Technical Details
- Data Version: 5.1
- Assigner Short Name: jpcert
- Date Reserved: 2025-06-17T00:53:00.646Z
- CVSS Version: 3.0
- State: PUBLISHED
Threat ID: 685a2f8edec26fc862d90947
Added to database: 6/24/2025, 4:54:38 AM
Last enriched: 2/4/2026, 8:36:23 AM
Last updated: 2/7/2026, 11:42:02 AM