|
JVNDB-2025-002990
|
Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT 'AC-WPS-11ac series'
|
The Wi-Fi AP UNIT 'AC-WPS-11ac series' provided by Inaba Denki Sangyo Co., Ltd. contains the multiple vulnerabilities listed below.
- Incorrect privilege assignment in the WEB UI (the setting page) (CWE-266) - CVE-2025-23407
- OS command injection in the WEB UI (the setting page) (CWE-78) - CVE-2025-25053
- Cross-site request forgery (CWE-352) - CVE-2025-25056
- Improper restriction of rendered UI layers or frames (CWE-1021) - CVE-2025-25213
- Cleartext transmission of sensitive information (CWE-319) - CVE-2025-27722
- OS command injection in the specific service (CWE-78) - CVE-2025-27797
- Information disclosure of authentication information in the specific service (CWE-497) - CVE-2025-27934
- Missing authentication for critical function (CWE-306) - CVE-2025-29870
Inaba Denki Sangyo Co., Ltd. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
|
CVSS V3 Severity: Base Metrics 9.8 (Critical) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
The above CVSS base score has been assigned for CVE-2025-27797
|
CVSS V3 Severity: Base Metrics 8.8 (High) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
The above CVSS base score has been assigned for CVE-2025-25053
|
CVSS V3 Severity: Base Metrics 7.5 (High) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
The above CVSS base score has been assigned for CVE-2025-27934
|
CVSS V3 Severity: Base Metrics 7.5 (High) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
The above CVSS base score has been assigned for CVE-2025-29870
|
CVSS V3 Severity: Base Metrics 6.5 (Medium) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Confidentiality Impact: None
- Integrity Impact: High
- Availability Impact: None
The above CVSS base score has been assigned for CVE-2025-25213
|
CVSS V3 Severity: Base Metrics 5.9 (Medium) [Other]
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
The above CVSS base score has been assigned for CVE-2025-27722
|
CVSS V3 Severity: Base Metrics 4.3 (Medium) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: None
- Integrity Impact: Low
- Availability Impact: None
The above CVSS base score has been assigned for CVE-2025-23407
|
CVSS V3 Severity: Base Metrics 4.3 (Medium) [Other]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Confidentiality Impact: None
- Integrity Impact: Low
- Availability Impact: None
The above CVSS base score has been assigned for CVE-2025-25056
|
INABA DENKI SANGYO CO., LTD.
- AC-PD-WPS-11ac v2.0.03P and earlier
- AC-PD-WPS-11ac-P v2.0.03P and earlier
- AC-WPS-11ac v2.0.03P and earlier
- AC-WPS-11ac-P v2.0.03P and earlier
- AC-WPSM-11ac v2.0.03P and earlier
- AC-WPSM-11ac-P v2.0.03P and earlier
|
- A remote attacker who can log in to the product may alter the settings without appropriate privileges (CVE-2025-23407)
- An arbitrary OS command may be executed by a remote attacker who can log in to the product (CVE-2025-25053, CVE-2025-27797)
- If a user views a malicious page while logged in, unintended operations may be performed (CVE-2025-25056)
- If a user views and clicks on the content on the malicious page while logged in, unintended operations may be performed (CVE-2025-25213)
- A man-in-the-middle attack may allow a remote unauthenticated attacker to eavesdrop on the communication and obtain the authentication information (CVE-2025-27722)
- A remote unauthenticated attacker may obtain the product authentication information (CVE-2025-27934)
- A remote unauthenticated attacker may obtain the product configuration information including authentication information (CVE-2025-29870)
|
[Update the firmware]
Update the firmware to the latest version according to the information provided by the developer.
The developer has released the following versions that address the vulnerabilities.
- AC-WPS-11ac v2.0.06.13P
- AC-WPS-11ac-P v2.0.06.13P
- AC-WPSM-11ac v2.0.06.13P
- AC-WPSM-11ac-P v2.0.06.13P
- AC-PD-WPS-11ac v2.0.06.13P
- AC-PD-WPS-11ac-P v2.0.06.13P
[Apply the workaround]
The developer recommends applying workarounds in addition to updating the firmware.
For more details, refer to the information provided by the developer.
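An asset inventory can be checked against the affected and fixed versions above without comparing version strings by hand, which goes wrong here because the firmware versions are zero-padded and carry a 'P' suffix ("v2.0.03P" sorts after "v2.0.06.13P" as text). The following is an added example, not code from the advisory or the vendor: it parses the version into numeric components and flags any listed model running a version below the fixed release. The advisory only lists v2.0.03P and earlier as affected; treating everything below the fixed version as needing the update is this example's own conservative assumption.

```python
# Added example (not from the advisory or the vendor): flag inventory entries
# that still need the firmware update described in the advisory.
import re

# Models listed in the advisory's affected-products and fixed-versions sections.
LISTED_MODELS = {
    "AC-PD-WPS-11ac", "AC-PD-WPS-11ac-P",
    "AC-WPS-11ac", "AC-WPS-11ac-P",
    "AC-WPSM-11ac", "AC-WPSM-11ac-P",
}
LAST_AFFECTED_VERSION = "v2.0.03P"   # "v2.0.03P and earlier" per the advisory
FIXED_VERSION = "v2.0.06.13P"        # release that addresses the vulnerabilities

_VERSION_RE = re.compile(r"v?(\d+(?:\.\d+)*)P?")


def parse_version(version):
    """'v2.0.06.13P' -> (2, 0, 6, 13): numeric components, zero-padding and suffix dropped."""
    m = _VERSION_RE.fullmatch(version.strip())
    if m is None:
        raise ValueError(f"unrecognised firmware version: {version!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def needs_update(model, version):
    """True when the model is listed in the advisory and runs a version below the fix.

    Unknown models return False: they are out of this advisory's scope, not safe.
    """
    if model not in LISTED_MODELS:
        return False
    return parse_version(version) < parse_version(FIXED_VERSION)


def triage(inventory):
    """Return the subset of (hostname, model, version) rows that need the update."""
    return [row for row in inventory if needs_update(row[1], row[2])]


# Constructed sample inventory (hostnames and versions are made up for the example).
SAMPLE_INVENTORY = [
    ("ap-floor1", "AC-WPS-11ac", "v2.0.03P"),        # last listed affected version
    ("ap-floor2", "AC-WPSM-11ac-P", "v2.0.06.13P"),  # already on the fixed release
    ("ap-floor3", "AC-PD-WPS-11ac", "v2.0.06P"),     # between the two: below the fix
    ("ap-lobby", "AC-WPS-11ac-P", "v2.0.10P"),       # numerically newer than the fix
    ("sw-core", "OTHER-MODEL", "v1.0.0"),            # not covered by this advisory
]

if __name__ == "__main__":
    for hostname, model, version in triage(SAMPLE_INVENTORY):
        print(f"{hostname}: {model} {version} -> update to {FIXED_VERSION}")
```

The tuple comparison treats a shorter version as older than a longer one with the same prefix, so "v2.0.06P" is reported as below "v2.0.06.13P". Whether the workaround the developer recommends is in place is not something a version number can tell you, so that part of the advisory's guidance still has to be verified on the device itself.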
|
INABA DENKI SANGYO CO., LTD.
|
- Improper Restriction of Rendered UI Layers or Frames (CWE-1021) [Other]
- Incorrect Privilege Assignment (CWE-266) [Other]
- Missing Authentication for Critical Function (CWE-306) [Other]
- Cleartext Transmission of Sensitive Information (CWE-319) [Other]
- Cross-Site Request Forgery (CWE-352) [Other]
- Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) [Other]
- OS Command Injection (CWE-78) [Other]
|
- CVE-2025-23407
- CVE-2025-25053
- CVE-2025-25056
- CVE-2025-25213
- CVE-2025-27722
- CVE-2025-27797
- CVE-2025-27934
- CVE-2025-29870
|
- JVN : JVNVU#93925742
|
- [2025/04/07]
Web page was published
|