Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-37564

UNKNOWN
Published 2023-07-13T03:01:41.200Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-37564. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary OS command with a root privilege by sending a specially crafted request. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earlier, and WRC-1167FEBK-A v1.18 and earlier.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

ELECOM CO.,LTD.

WRC-1167GHBK-S

Affected Versions:

v1.03 and earlier
ELECOM CO.,LTD.

WRC-1167GEBK-S

Affected Versions:

v1.03 and earlier
ELECOM CO.,LTD.

WRC-1167FEBK-S

Affected Versions:

v1.04 and earlier
ELECOM CO.,LTD.

WRC-1167GHBK3-A

Affected Versions:

v1.24 and earlier
ELECOM CO.,LTD.

WRC-1167FEBK-A

Affected Versions:

v1.18 and earlier
elecom

wrc-1167ghbk-s

Affected Versions:

0
elecom

wrc-1167gebk-s

Affected Versions:

0
elecom

wrc-1167febk-s

Affected Versions:

0
elecom

wrc-1167ghbk3-a

Affected Versions:

0
elecom

wrc-1167febk-a

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-cr74-486w-gf3m

Advisory Details

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary OS command with a root privilege by sending a specially crafted request. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earlier, and WRC-1167FEBK-A v1.18 and earlier.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-37564
WEB https://jvn.jp/en/jp/JVN05223215
WEB https://www.elecom.co.jp/news/security/20230711-01

Advisory provided by GitHub Security Advisory Database. Published: July 13, 2023, Modified: April 4, 2024

References

https://www.elecom.co.jp/news/security/20230711-01/
https://jvn.jp/en/jp/JVN05223215/
Published: 2023-07-13T03:01:41.200Z
Last Modified: 2024-11-06T15:24:49.122Z
Copied to clipboard!