JVNDB-2023-006588

Multiple vulnerabilities in ELECOM and LOGITEC routers

Overview

Multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below.

* OS Command Injection (CWE-78) - CVE-2023-43752
* Inadequate Encryption Strength (CWE-326) - CVE-2023-43757

CVE-2023-43752
Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.

CVE-2023-43757
Katsuhiko Sato (a.k.a. goroh_kun), Yuya Adachi and Ryo Kamino of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
CVSS Severity

CVSS V3 Severity:
Base Metrics 6.8 (Medium)
  • Attack Vector: Adjacent Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base score has been assigned for CVE-2023-43752

CVSS V3 Severity:
Base Metrics 6.5 (Medium)
  • Attack Vector: Adjacent Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base score has been assigned for CVE-2023-43757

Affected Products

ELECOM CO.,LTD.
  • WRC-1167GHBK firmware all versions
  • WRC-1167GHBK2 firmware all versions
  • WRC-1750GHBK firmware all versions
  • WRC-1750GHBK-E firmware all versions
  • WRC-1750GHBK2-I firmware all versions
  • WRC-2533GHBK-I firmware all versions
  • WRC-2533GHBK2-T firmware all versions
  • WRC-300FEBK firmware all versions
  • WRC-300GHBK firmware all versions
  • WRC-300GHBK2-I firmware all versions
  • WRC-733FEBK firmware all versions
  • WRC-733GHBK firmware all versions
  • WRC-733GHBK-C firmware all versions
  • WRC-733GHBK-I firmware all versions
  • WRC-F1167ACF firmware all versions
  • WRC-F300NF firmware all versions
  • WRC-X3000GS2-B firmware v1.05 and earlier
  • WRC-X3000GS2-W firmware v1.05 and earlier
  • WRC-X3000GS2A-B firmware v1.05 and earlier
  • WRH-150BK firmware all versions
  • WRH-150WH firmware all versions
  • WRH-300BK firmware all versions
  • WRH-300BK-S firmware all versions
  • WRH-300BK2-S firmware all versions
  • WRH-300RD firmware all versions
  • WRH-300SV firmware all versions
  • WRH-300WH firmware all versions
  • WRH-300WH-H firmware all versions
  • WRH-300WH-S firmware all versions
  • WRH-300WH2-S firmware all versions
  • WRH-H300BK firmware all versions
  • WRH-H300WH firmware all versions
Logitec Corp.
  • LAN-W300N/P firmware all versions
  • LAN-W300N/RS firmware all versions
  • LAN-W301NR firmware all versions
  • LAN-WH300N/DGP firmware all versions
  • LAN-WH300NDGPE firmware all versions

Impact

* A logged-in user may execute an arbitrary OS command by sending a specially crafted request - CVE-2023-43752
* An attacker who can access the product may guess the encryption key used for the wireless LAN communication and intercept the communication - CVE-2023-43757

Solution

CVE-2023-43752
[Update the firmware]
Update the firmware to the latest version according to the information provided by the developer.

CVE-2023-43757
[Apply the workaround]
The developer recommends changing the initial Wi-Fi (wireless LAN) encryption key from the default value to a stronger one.

[Stop using the products]
Some vulnerable products are no longer supported. Stop using the products and consider switching to alternative products. For more information, refer to the security advisories released on July 6, 2021 and August 10, 2023 from the developer.

Vendor Information

ELECOM CO.,LTD.

CWE

  1. Inadequate Encryption Strength (CWE-326)
  2. OS Command Injection (CWE-78)

CVE

  1. CVE-2023-43752
  2. CVE-2023-43757

References

  1. JVN : JVNVU#94119876
  2. National Vulnerability Database (NVD) : CVE-2023-43752
  3. National Vulnerability Database (NVD) : CVE-2023-43757

Revision History

  • [2023/11/15]
      Web page was published
  • [2024/04/26]
      References : Contents were added