Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for lan-wh300n\/dgp_firmware by elecom

    CVE-2023-43757 (GCVE-0-2023-43757)

    Vulnerability from nvd – Published: 2023-11-16 06:21 – Updated: 2024-08-02 19:52
    VLAI
    Summary
    Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.
    Severity
    No CVSS data available.
    CWE
    • Inadequate Encryption Strength
    Assigner
    Impacted products
    Vendor Product Version
    ELECOM CO.,LTD. WRC-2533GHBK2-T Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GHBK-I Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1750GHBK2-I Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1750GHBK-E Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1750GHBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GHBK2 Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GHBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-F1167ACF Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-733GHBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-733GHBK-I Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-733GHBK-C Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-300GHBK2-I Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-300GHBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-733FEBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-300FEBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-F300NF Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300WH-H Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300BK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300WH Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300RD Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300SV Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300BK-S Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300WH-S Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300BK2-S Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300WH2-S Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-H300BK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-H300WH Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-150BK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-150WH Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-W300N/RS Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-W301NR Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-W300N/P Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-WH300N/DGP Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-WH300NDGPE Affected: all versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:52:10.967Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20231114-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20230810-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20210706-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU94119876/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-2533GHBK2-T",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-2533GHBK-I",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1750GHBK2-I",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1750GHBK-E",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1750GHBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1167GHBK2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1167GHBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-F1167ACF",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-733GHBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-733GHBK-I",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-733GHBK-C",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-300GHBK2-I",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-300GHBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-733FEBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-300FEBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-F300NF",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300WH-H",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300BK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300WH",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300RD",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300SV",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300BK-S",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300WH-S",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300BK2-S",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300WH2-S",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-H300BK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-H300WH",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-150BK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-150WH",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-W300N/RS",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-W301NR",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-W300N/P",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300N/DGP",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300NDGPE",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Inadequate Encryption Strength",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-16T06:42:13.507Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20231114-01/"
            },
            {
              "url": "https://www.elecom.co.jp/news/security/20230810-01/"
            },
            {
              "url": "https://www.elecom.co.jp/news/security/20210706-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU94119876/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-43757",
        "datePublished": "2023-11-16T06:21:13.445Z",
        "dateReserved": "2023-10-31T07:10:40.728Z",
        "dateUpdated": "2024-08-02T19:52:10.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-35991 (GCVE-0-2023-35991)

    Vulnerability from nvd – Published: 2023-08-18 09:37 – Updated: 2024-10-21 20:26
    VLAI
    Summary
    Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    LOGITEC CORPORATION LAN-W300N/DR Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH300N/DR Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-W300N/P Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH450N/GP Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH300AN/DGP Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH300N/DGP Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH300ANDGPE Affected: all versions
    Create a notification for this product.
    elecom lan-wh450n\/gp_firmware Affected: 0 , < * (custom)
        cpe:2.3:o:elecom:lan-wh300n\/dgp_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-w300n\/dr_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-w300n\/p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-wh300andgpe_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-wh300an\/dgp_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-wh300n\/dr_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-wh450n\/gp_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:37:40.538Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20230810-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU91630351/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:elecom:lan-wh300n\\/dgp_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-w300n\\/dr_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-w300n\\/p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-wh300andgpe_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-wh300an\\/dgp_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-wh300n\\/dr_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-wh450n\\/gp_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lan-wh450n\\/gp_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-35991",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-21T20:16:01.788562Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-21T20:26:02.037Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LAN-W300N/DR",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300N/DR",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-W300N/P",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH450N/GP",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300AN/DGP",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300N/DGP",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300ANDGPE",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product\u0027s certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Hidden Functionality",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-18T09:37:37.744Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20230810-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU91630351/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-35991",
        "datePublished": "2023-08-18T09:37:37.744Z",
        "dateReserved": "2023-08-09T11:54:58.462Z",
        "dateUpdated": "2024-10-21T20:26:02.037Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-43757 (GCVE-0-2023-43757)

    Vulnerability from cvelistv5 – Published: 2023-11-16 06:21 – Updated: 2024-08-02 19:52
    VLAI
    Summary
    Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.
    Severity
    No CVSS data available.
    CWE
    • Inadequate Encryption Strength
    Assigner
    Impacted products
    Vendor Product Version
    ELECOM CO.,LTD. WRC-2533GHBK2-T Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-2533GHBK-I Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1750GHBK2-I Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1750GHBK-E Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1750GHBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GHBK2 Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-1167GHBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-F1167ACF Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-733GHBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-733GHBK-I Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-733GHBK-C Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-300GHBK2-I Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-300GHBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-733FEBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-300FEBK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRC-F300NF Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300WH-H Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300BK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300WH Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300RD Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300SV Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300BK-S Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300WH-S Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300BK2-S Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-300WH2-S Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-H300BK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-H300WH Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-150BK Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. WRH-150WH Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-W300N/RS Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-W301NR Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-W300N/P Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-WH300N/DGP Affected: all versions
    Create a notification for this product.
    ELECOM CO.,LTD. LAN-WH300NDGPE Affected: all versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:52:10.967Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20231114-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20230810-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20210706-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU94119876/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRC-2533GHBK2-T",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-2533GHBK-I",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1750GHBK2-I",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1750GHBK-E",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1750GHBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1167GHBK2",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-1167GHBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-F1167ACF",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-733GHBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-733GHBK-I",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-733GHBK-C",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-300GHBK2-I",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-300GHBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-733FEBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-300FEBK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRC-F300NF",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300WH-H",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300BK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300WH",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300RD",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300SV",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300BK-S",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300WH-S",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300BK2-S",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-300WH2-S",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-H300BK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-H300WH",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-150BK",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "WRH-150WH",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-W300N/RS",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-W301NR",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-W300N/P",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300N/DGP",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300NDGPE",
              "vendor": "ELECOM CO.,LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Inadequate Encryption Strength",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-16T06:42:13.507Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20231114-01/"
            },
            {
              "url": "https://www.elecom.co.jp/news/security/20230810-01/"
            },
            {
              "url": "https://www.elecom.co.jp/news/security/20210706-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU94119876/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-43757",
        "datePublished": "2023-11-16T06:21:13.445Z",
        "dateReserved": "2023-10-31T07:10:40.728Z",
        "dateUpdated": "2024-08-02T19:52:10.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-35991 (GCVE-0-2023-35991)

    Vulnerability from cvelistv5 – Published: 2023-08-18 09:37 – Updated: 2024-10-21 20:26
    VLAI
    Summary
    Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    LOGITEC CORPORATION LAN-W300N/DR Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH300N/DR Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-W300N/P Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH450N/GP Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH300AN/DGP Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH300N/DGP Affected: all versions
    Create a notification for this product.
    LOGITEC CORPORATION LAN-WH300ANDGPE Affected: all versions
    Create a notification for this product.
    elecom lan-wh450n\/gp_firmware Affected: 0 , < * (custom)
        cpe:2.3:o:elecom:lan-wh300n\/dgp_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-w300n\/dr_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-w300n\/p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-wh300andgpe_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-wh300an\/dgp_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-wh300n\/dr_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:elecom:lan-wh450n\/gp_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:37:40.538Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.elecom.co.jp/news/security/20230810-01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU91630351/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:elecom:lan-wh300n\\/dgp_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-w300n\\/dr_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-w300n\\/p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-wh300andgpe_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-wh300an\\/dgp_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-wh300n\\/dr_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:elecom:lan-wh450n\\/gp_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lan-wh450n\\/gp_firmware",
                "vendor": "elecom",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-35991",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-21T20:16:01.788562Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-21T20:26:02.037Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LAN-W300N/DR",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300N/DR",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-W300N/P",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH450N/GP",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300AN/DGP",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300N/DGP",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "product": "LAN-WH300ANDGPE",
              "vendor": "LOGITEC CORPORATION",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product\u0027s certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Hidden Functionality",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-18T09:37:37.744Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.elecom.co.jp/news/security/20230810-01/"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU91630351/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-35991",
        "datePublished": "2023-08-18T09:37:37.744Z",
        "dateReserved": "2023-08-09T11:54:58.462Z",
        "dateUpdated": "2024-10-21T20:26:02.037Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }