Vulnerability Details CVE-2023-39455
OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-F1167ACF2 all versions, WRC-1467GHBK-S all versions, and WRC-1900GHBK-S all versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.4%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2023-39455
-
cpe:2.3:h:elecom:wrc-1467ghbk-a:-
-
cpe:2.3:h:elecom:wrc-1467ghbk-s:-
-
cpe:2.3:h:elecom:wrc-1900ghbk-a:-
-
cpe:2.3:h:elecom:wrc-1900ghbk-s:-
-
cpe:2.3:h:elecom:wrc-600ghbk-a:-
-
cpe:2.3:h:elecom:wrc-733febk2-a:-
-
cpe:2.3:h:elecom:wrc-f1167acf2:-
-
cpe:2.3:o:elecom:wrc-1467ghbk-a_firmware:-
-
cpe:2.3:o:elecom:wrc-1467ghbk-s_firmware:-
-
cpe:2.3:o:elecom:wrc-1900ghbk-a_firmware:-
-
cpe:2.3:o:elecom:wrc-1900ghbk-s_firmware:-
-
cpe:2.3:o:elecom:wrc-600ghbk-a_firmware:-
-
cpe:2.3:o:elecom:wrc-733febk2-a_firmware:-
-
cpe:2.3:o:elecom:wrc-f1167acf2_firmware:-