[Japanese]

JVNDB-2024-000088

Multiple vulnerabilities in ELECOM wireless LAN routers and access points

Overview

Multiple wireless LAN routers and access points provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below.

* Cross-site scripting vulnerability due to an improper processing of input values in easysetup.cgi and menu.cgi (CWE-79) - CVE-2024-34577, CVE-2024-42412

* Missing authentication in Telnet function (CWE-306) - CVE-2024-39300

* Stack-based buffer overflow due to an improper processing of input values in common.cgi (CWE-121) - CVE-2024-43689

CVE-2024-34577
Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2024-39300
SASABE Tetsuro reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2024-42412, CVE-2024-43689
RyotaK of Flatt Security Inc. reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 8.8 (High) [IPA Score]
  • Attack Vector: Adjacent Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2024-43689

CVSS V3 Severity:
Base Metrics 6.1 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2024-34577, CVE-2024-42412

CVSS V3 Severity:
Base Metrics 8.1 (High) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2024-39300
Affected Products


ELECOM CO.,LTD.
  • WAB-I1750-PS v1.5.10 and earlier (CVE-2024-39300, CVE-2024-42412, CVE-2024-43689)
  • WAB-S1167-PS v1.5.6 and earlier (CVE-2024-42412, CVE-2024-43689)
  • WRC-X3000GS2-B firmware v1.08 and earlier (CVE-2024-34577)
  • WRC-X3000GS2-W firmware v1.08 and earlier (CVE-2024-34577)
  • WRC-X3000GS2A-B firmware v1.08 and earlier (CVE-2024-34577)

Impact

* If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser (CVE-2024-34577, CVE-2024-42412)

* When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings (CVE-2024-39300)

* By processing a specially crafted HTTP request, an arbitrary code may be executed (CVE-2024-43689)
Solution

[Update the firmware]
Update the firmware to the latest version according to the information provided by the developer.
Vendor Information

ELECOM CO.,LTD.
CWE (What is CWE?)

  1. Buffer Errors(CWE-119) [IPA Evaluation]
  2. Cross-site Scripting(CWE-79) [IPA Evaluation]
  3. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2024-34577
  2. CVE-2024-39300
  3. CVE-2024-42412
  4. CVE-2024-43689
References

  1. JVN : JVN#24885537
Revision History

  • [2024/08/27]
      Web page was published

Date Public2024/08/27
Date First Published2024/08/27
Date Last Updated2024/08/27