CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-37567

Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a remote unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port of the web management page. Affected products and versions are as follows: WRC-1167GHBK3-A v1.24 and earlier, WRC-F1167ACF2 all versions, WRC-600GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, and LAN-W301NR all versions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.8%

CVSS Severity

CVSS v3 Score 9.8

References

https://jvn.jp/en/vu/JVNVU91850798/
https://www.elecom.co.jp/news/security/20230711-01/
https://www.elecom.co.jp/news/security/20230810-01/
https://jvn.jp/en/vu/JVNVU91850798/
https://www.elecom.co.jp/news/security/20230711-01/
https://www.elecom.co.jp/news/security/20230810-01/

Products affected by CVE-2023-37567

Elecom » Wrc-1167ghbk3-A » Version: N/A

cpe:2.3:h:elecom:wrc-1167ghbk3-a:-
Elecom » Wrc-1167ghbk3-A Firmware » Version: Any

cpe:2.3:o:elecom:wrc-1167ghbk3-a_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37567

Products

Pricing

Contact Us