Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-40072

UNKNOWN
Published 2023-08-18T09:45:31.201Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-40072. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

ELECOM CO.,LTD.

WAB-S600-PS

Affected Versions:

all versions
ELECOM CO.,LTD.

WAB-S300

Affected Versions:

all versions
ELECOM CO.,LTD.

WAB-S1775

Affected Versions:

v1.1.9 and earlier
ELECOM CO.,LTD.

WAB-M1775-PS

Affected Versions:

v1.1.21 and earlier
ELECOM CO.,LTD.

WAB-S1167

Affected Versions:

v1.0.7 and earlier
ELECOM CO.,LTD.

WAB-M2133

Affected Versions:

v1.3.22 and earlier
ELECOM CO.,LTD.

WAB-I1750-PS

Affected Versions:

v1.5.10 and earlier
ELECOM CO.,LTD.

WAB-S1167-PS

Affected Versions:

v1.5.6 and earlier

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-c3w7-xm4j-hrp8

Advisory Details

OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-40072
WEB https://jvn.jp/en/vu/JVNVU91630351
WEB https://www.elecom.co.jp/news/security/20230810-01
WEB https://www.elecom.co.jp/news/security/20231114-01

Advisory provided by GitHub Security Advisory Database. Published: August 18, 2023, Modified: February 29, 2024

References

https://www.elecom.co.jp/news/security/20231114-01/
https://www.elecom.co.jp/news/security/20230810-01/
https://jvn.jp/en/vu/JVNVU91630351/
Published: 2023-08-18T09:45:31.201Z
Last Modified: 2024-09-09T06:39:59.937Z
Copied to clipboard!