
JVNDB-2023-002413

Multiple vulnerabilities in ELECOM and LOGITEC wireless LAN routers

Overview

Multiple wireless LAN routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below.

* Command Injection on the web management page (CWE-77) - CVE-2023-37566, CVE-2023-37568
* Command Injection on a certain port of the web management page (CWE-77) - CVE-2023-37567

Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.
CVSS Severity

CVSS V3 Severity:
Base Metrics 9.8 (Critical) [Other]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 7.5 (High) [NVD Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2023-37567


CVSS V3 Severity:
Base Metrics 6.8 (Medium) [JPCERT/CC Score]
  • Attack Vector: Adjacent Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 5.2 (Medium) [JPCERT/CC Score]
  • Access Vector: Adjacent Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2023-37566


CVSS V3 Severity:
Base Metrics 6.8 (Medium) [JPCERT/CC Score]
  • Attack Vector: Adjacent Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 5.2 (Medium) [JPCERT/CC Score]
  • Access Vector: Adjacent Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2023-37568

Affected Products


ELECOM CO.,LTD.
  • WRC-1167FEBK-A v1.18 and earlier
  • WRC-1167GEBK-S v1.03 and earlier
  • WRC-1167GHBK-S v1.03 and earlier
  • WRC-1167GHBK3-A v1.24 and earlier
  • WRC-1467GHBK-A all versions
  • WRC-1900GHBK-A all versions
  • WRC-600GHBK-A all versions
  • WRC-733FEBK2-A all versions
  • WRC-F1167ACF2 all versions
Logitec Corp.
  • LAN-W301NR firmware all versions
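Added example (not part of the JVN advisory or any vendor material): a Python triage helper that encodes the affected-products list above and reports whether a given model/firmware pair falls inside an affected range. Model names and version ceilings are copied from the list; the inventory lines in the block are constructed sample input. Firmware versions are compared field by field as integers, because a plain string comparison would rank "1.2" above "1.18". The dotted-numeric "vX.YY" format is assumed from the versions shown on this page.

```python
"""Triage helper for JVNDB-2023-002413: is a given ELECOM/LOGITEC router
model and firmware version inside an affected range?"""
import re

# Affected products as listed in the advisory. A value of None means
# "all versions"; otherwise it is the highest affected version, i.e. the
# "vX.YY and earlier" ceiling. Product and version strings copied from the page.
AFFECTED = {
    "WRC-1167FEBK-A": "v1.18",
    "WRC-1167GEBK-S": "v1.03",
    "WRC-1167GHBK-S": "v1.03",
    "WRC-1167GHBK3-A": "v1.24",
    "WRC-1467GHBK-A": None,
    "WRC-1900GHBK-A": None,
    "WRC-600GHBK-A": None,
    "WRC-733FEBK2-A": None,
    "WRC-F1167ACF2": None,
    "LAN-W301NR": None,
}

VERSION_RE = re.compile(r"v?(\d+(?:\.\d+)*)", re.IGNORECASE)


def parse_version(ver):
    """'v1.18', '1.18' or '1.18.2' -> (1, 18) / (1, 18, 2).

    Fields are compared as integers, so (1, 2) < (1, 18); a string
    comparison would get this wrong ('1.2' > '1.18'). Assumes the
    dotted-numeric vendor format seen in the advisory.
    """
    m = VERSION_RE.fullmatch(ver.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {ver!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(model, version):
    """True if the model/firmware pair falls in an affected range.

    Unknown models return False, meaning "not covered by this advisory",
    not "safe".
    """
    key = model.strip().upper()
    if key not in AFFECTED:
        return False
    ceiling = AFFECTED[key]
    if ceiling is None:
        return True  # all versions affected: only replacement removes the risk
    return parse_version(version) <= parse_version(ceiling)


def triage(inventory_csv):
    """Run is_affected over 'model,version' lines.

    Returns [(model, version, verdict)] with verdict one of
    'AFFECTED', 'not affected' or 'not in advisory'.
    """
    results = []
    for line in inventory_csv.strip().splitlines():
        model, version = (field.strip() for field in line.split(",", 1))
        if model.upper() not in AFFECTED:
            verdict = "not in advisory"
        elif is_affected(model, version):
            verdict = "AFFECTED"
        else:
            verdict = "not affected"
        results.append((model, version, verdict))
    return results


# Constructed sample inventory (not real asset data).
SAMPLE_INVENTORY = """\
WRC-1167FEBK-A,v1.18
WRC-1167FEBK-A,v1.19
WRC-1167GHBK3-A,v1.2
WRC-1900GHBK-A,v2.10
LAN-W301NR,v1.00
WRC-9999XYZ,v1.00
"""

if __name__ == "__main__":
    for model, version, verdict in triage(SAMPLE_INVENTORY):
        print(f"{model:18} {version:8} {verdict}")
```

Models listed with "all versions" are reported as affected regardless of the firmware string, which matches the advisory's "stop using the products" guidance for them; a model absent from the table is deliberately reported as "not in advisory" rather than "not affected".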

Impact

* A network-adjacent authenticated attacker may execute an arbitrary command by sending a specially crafted request to the web management page - CVE-2023-37566, CVE-2023-37568
* A remote unauthenticated attacker may execute an arbitrary command by sending a specially crafted request to a certain port of the web management page - CVE-2023-37567
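The advisory does not disclose which request field or port is injectable, so the following is a generic illustration of the CWE-77 class it names, added here and not taken from the vendors' firmware: a web-management-style diagnostic handler that splices a user-supplied host field into a shell command line, shown beside the argv-only form and the argv-plus-allowlist form. `echo` stands in for the diagnostic tool (ping, traceroute and nslookup are the usual ones in router UIs) so the block runs offline; the payload string is constructed.

```python
"""CWE-77 (command injection) as it appears in embedded web-management
handlers: one user-supplied field, three ways of running a diagnostic
command with it. Added illustration, not the vendors' code."""
import re
import subprocess

# Allowlist for a 'host' field: an IPv4 literal or a DNS hostname. Shell
# metacharacters, whitespace and a leading '-' cannot match this.
HOST_RE = re.compile(
    r"^(?:(?:\d{1,3}\.){3}\d{1,3}"
    r"|[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*)$"
)

# 'echo' stands in for the firmware's diagnostic tool so this runs offline;
# the same shape applies to ping/traceroute/nslookup CGI handlers.
TOOL = "echo"


def _run(argv):
    return subprocess.run(argv, capture_output=True, text=True, check=False).stdout


def diag_shell(host):
    """Vulnerable (CWE-77): the field is concatenated into a shell command
    line, so ';', '|', '$(...)' in the field become extra commands."""
    cmd = f"{TOOL} probing {host}"
    return _run(["sh", "-c", cmd])


def diag_argv(host):
    """Better: argv list, no shell. Metacharacters reach the tool literally.
    The field can still be parsed as an option by tools that accept options
    after positional arguments (e.g. a GNU ping given '-f' as the host), so
    this alone is not a complete fix."""
    return _run([TOOL, "probing", host])


def is_valid_host(host):
    return HOST_RE.match(host) is not None


def diag_safe(host):
    """Hardened: allowlist validation first, then argv without a shell."""
    if not is_valid_host(host):
        raise ValueError(f"host rejected by allowlist: {host!r}")
    return _run([TOOL, "probing", host])


# Constructed payload: a valid-looking address followed by a second command.
PAYLOAD = "192.0.2.1; echo INJECTED"

if __name__ == "__main__":
    print("shell :", repr(diag_shell(PAYLOAD)))   # second command executes
    print("argv  :", repr(diag_argv(PAYLOAD)))    # passed literally
    try:
        diag_safe(PAYLOAD)
    except ValueError as exc:
        print("safe  :", exc)
    print("safe  :", repr(diag_safe("192.0.2.1")))
```

The two fixes are cumulative: dropping the shell removes metacharacter injection, and the allowlist removes option injection and anything else the tool was not meant to receive. Escaping the field for the shell instead (quoting) is fragile and leaves the shell in the path; it is not the recommended repair for this class.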
Solution

[Update the firmware]
Update the firmware to the latest version according to the information provided by the developer.
[Stop using the products]
Some of the affected products are no longer supported and will not be updated. Refer to the security advisory from the developer and stop using those products.

Vendor Information

ELECOM CO.,LTD.
CWE

  1. Command Injection (CWE-77) [Other]
CVE

  1. CVE-2023-37566
  2. CVE-2023-37567
  3. CVE-2023-37568
References

  1. JVN : JVNVU#91850798
  2. National Vulnerability Database (NVD) : CVE-2023-37566
  3. National Vulnerability Database (NVD) : CVE-2023-37567
  4. National Vulnerability Database (NVD) : CVE-2023-37568
Revision History

  • [2023/07/12]
      Web page was published
  • [2023/08/15]
      Title was modified
      Overview was modified
      CVSS Severity was modified
      Affected Products : Products were added 
      Affected Products : Product version was modified
      Impact was modified
      Solution was modified
  • [2023/08/15]
      Vendor Information : Content was modified
  • [2024/04/22]
      References : Contents were added