Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-37567

UNKNOWN
Published 2023-07-13T01:46:47.274Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-37567. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a remote unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port of the web management page. Affected products and versions are as follows: WRC-1167GHBK3-A v1.24 and earlier, WRC-F1167ACF2 all versions, WRC-600GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, and LAN-W301NR all versions.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

ELECOM CO.,LTD.

WRC-1167GHBK3-A

Affected Versions:

v1.24 and earlier
ELECOM CO.,LTD.

WRC-F1167ACF2

Affected Versions:

all versions
ELECOM CO.,LTD.

WRC-600GHBK-A

Affected Versions:

all versions
ELECOM CO.,LTD.

WRC-733FEBK2-A

Affected Versions:

all versions
ELECOM CO.,LTD.

WRC-1467GHBK-A

Affected Versions:

all versions
ELECOM CO.,LTD.

WRC-1900GHBK-A

Affected Versions:

all versions
LOGITEC CORPORATION

LAN-W301NR

Affected Versions:

all versions
elecom

wrc-1167ghbk3-a

Affected Versions:

0
elecom

wrc-f1167acf2

Affected Versions:

0
elecom

wrc-600ghbk-a

Affected Versions:

0
elecom

wrc-733febk2-a

Affected Versions:

0
elecom

wrc-1467ghbk-a

Affected Versions:

0
elecom

wrc-1900ghbk-a

Affected Versions:

0
elecom

lan-w301nr

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-4g64-j4r5-wvxc

Advisory Details

ELECOM wireless LAN router WRC-1167GHBK3-A v1.24 and earlier allows a remote unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port of the web management page.

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-37567
WEB https://jvn.jp/en/vu/JVNVU91850798
WEB https://www.elecom.co.jp/news/security/20230711-01
WEB https://www.elecom.co.jp/news/security/20230810-01

Advisory provided by GitHub Security Advisory Database. Published: July 13, 2023, Modified: April 4, 2024

References

https://www.elecom.co.jp/news/security/20230810-01/
https://www.elecom.co.jp/news/security/20230711-01/
https://jvn.jp/en/vu/JVNVU91850798/
Published: 2023-07-13T01:46:47.274Z
Last Modified: 2024-11-06T14:28:41.455Z
Copied to clipboard!