CVE-2025-53472: Improper neutralization of special elements used in an OS command ('OS Command Injection') in ELECOM CO.,LTD. WRC-BE36QS-B
WRC-BE36QS-B and WRC-W701-B contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in WebGUI. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to WebGUI.
AI Analysis
Technical Summary
CVE-2025-53472 is a high-severity OS command injection (CWE-78) vulnerability in ELECOM CO.,LTD.'s wireless routers WRC-BE36QS-B and WRC-W701-B, firmware v1.1.3 and earlier. The flaw sits in the WebGUI management interface: user-supplied input is passed into an OS command without neutralizing shell metacharacters, so an authenticated remote attacker can execute arbitrary commands on the device. Valid WebGUI credentials are required, but no further user interaction is needed. Commands run with the privileges of the WebGUI process, which on embedded router firmware is commonly root, so successful exploitation typically means full compromise of the device: reading or altering its configuration, replacing the firmware, and intercepting or redirecting traffic. The CVSS v3.1 base score is 7.2 (high), corresponding to the vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H: network attack vector, low attack complexity, high privileges required, no user interaction, and high impact on confidentiality, integrity and availability. No exploitation in the wild had been reported when this entry was created, but routers sit at the network boundary, so a compromised device gives an attacker persistence and a vantage point for lateral movement.
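The bug class the summary describes, shown in C as an added illustration. This is not ELECOM's code and nothing on this page discloses the vulnerable WebGUI handler; the ping diagnostic, the function names and the /bin/ping path are assumptions chosen to make the pattern concrete. The vulnerable form splices the request parameter into a shell command string; the hardened form validates the value against an allowlist and executes the binary with an argv vector so that no shell ever parses the input.

```c
/*
 * Added illustration of CWE-78 (OS command injection) in a router WebGUI
 * handler. NOT ELECOM's code: the "ping" diagnostic, the function names
 * and the /bin/ping path are assumptions chosen to show the bug class
 * and one fix. Build: cc -std=c99 -Wall cmdinj.c -o cmdinj
 */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_HOST 253   /* RFC 1035 upper bound for a fully qualified name */

/* Vulnerable pattern: the user-controlled "host" field is spliced into a
 * shell command line. A value such as "127.0.0.1; cat /etc/passwd" or
 * "$(reboot)" runs as the WebGUI process (often root on embedded Linux). */
int ping_vulnerable(const char *host)
{
    char cmd[512];
    snprintf(cmd, sizeof cmd, "ping -c 1 %s", host);
    return system(cmd);          /* runs /bin/sh -c "ping -c 1 <host>" */
}

/* Allowlist check: hostnames and IPv4/IPv6 literals consist only of
 * letters, digits, '.', '-' and ':'. Every shell metacharacter
 * (; | & $ ` ( ) < > space, newline, quotes) is rejected, as is a
 * leading '-', which ping would otherwise parse as an option.
 * Returns 1 if the value is acceptable, 0 otherwise. */
int is_valid_host(const char *host)
{
    if (host == NULL) return 0;
    size_t len = strlen(host);
    if (len == 0 || len > MAX_HOST) return 0;
    if (host[0] == '-') return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)host[i];
        if (!(isalnum(c) || c == '.' || c == '-' || c == ':'))
            return 0;
    }
    return 1;
}

/* Hardened pattern: validate against the allowlist, then execute the
 * binary directly with an argv vector so the input never reaches a shell.
 * Returns the child's exit status, or -1 if the input was rejected or
 * the process could not be started. */
int ping_hardened(const char *host)
{
    if (!is_valid_host(host)) return -1;

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* Assumed absolute path; most router firmware ships busybox ping */
        execl("/bin/ping", "ping", "-c", "1", host, (char *)NULL);
        _exit(127);              /* only reached if exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed sample inputs: two benign, three injection attempts */
    const char *samples[] = {
        "192.0.2.1",
        "router.example",
        "127.0.0.1; cat /etc/passwd",   /* command chaining via ';' */
        "$(id)",                        /* command substitution */
        "-c 999999",                    /* option injection into ping */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-30s -> %s\n", samples[i],
               is_valid_host(samples[i]) ? "accepted" : "rejected");
    return 0;
}
```

The allowlist is the primary control, not the argv exec on its own: executing via argv stops the shell from interpreting `;` or `$(...)`, but a value such as `-c 999999` would still be interpreted by ping as an option, which is why is_valid_host rejects a leading `-`. Encoding or escaping the input for the shell is a weaker alternative because every shell dialect has its own set of special characters.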
Potential Impact
For European organizations, compromise of one of these routers lets an attacker intercept or manipulate traffic passing through it, disrupt operations by degrading or disabling the device, and use it as a foothold for attacks deeper in the network. These models are marketed primarily for home and small-office use, so the likely exposure is in branch offices, home-office setups and small businesses rather than core enterprise infrastructure, but the effect on the confidentiality of communications, the integrity of traffic and the availability of connectivity is the same. Compromised routers are also routinely enrolled in botnets or used to launch attacks on third parties, widening the impact beyond the owner. The authentication requirement narrows exposure, but default, weak or reused administrator passwords, stolen credentials and malicious insiders all satisfy it, and a WebGUI reachable from the WAN turns this from an insider problem into an internet-facing one. No patch link was available when this entry was created, so affected organizations need to track vendor updates themselves and apply interim mitigations.
Mitigation Recommendations
Organizations using the affected ELECOM models should first confirm the firmware version on each device (typically shown on the WebGUI status page) and apply the vendor's fixed firmware as soon as ELECOM publishes it. Until then, reduce who can reach the WebGUI: disable remote (WAN-side) management entirely, and on the LAN side confine the interface to a management VLAN or VPN, or at least to a short allowlist of administrator IP addresses. Because the vulnerability is only reachable after login, replace any default or shared administrator password with a unique strong one and enable multi-factor authentication if the firmware supports it. Watch for indicators of exploitation: unexpected outbound connections from the router, configuration changes nobody made, new DNS, DHCP or port-forwarding entries, and unexplained reboots. Bear in mind that logs held on a compromised router can be altered by the attacker, so forward them off the device or rely on network-level telemetry instead. Segment the network so that a compromised router does not give direct access to sensitive systems, and if compromise is suspected, re-flash the firmware from a vendor image and reconfigure from scratch rather than trusting the existing state. Engage ELECOM support channels for advisory and update timelines.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: jpcert
- Date Reserved: 2025-07-11T04:29:06.422Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 687f5defa83201eaac1a48da
Added to database: 7/22/2025, 9:46:23 AM
Last enriched: 7/22/2025, 10:01:09 AM
Last updated: 7/22/2025, 2:15:45 PM
Related Threats
- CVE-2025-1550: CWE-94: Improper Control of Generation of Code ('Code Injection') in Google Keras (High)
- CVE-2025-8019: Buffer Overflow in Shenzhen Libituo Technology LBT-T300-T310 (High)
- CVE-2025-48498: CWE-476: NULL Pointer Dereference in Bloomberg Comdb2 (High)
- CVE-2025-46354: CWE-617: Reachable Assertion in Bloomberg Comdb2 (High)
- CVE-2025-36520: CWE-476: NULL Pointer Dereference in Bloomberg Comdb2 (High)