← voltar
CVE-2023-37567

CVE-2023-37567

EPSS 1.8%
Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a remote unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port of the web management page. Affected products and versions are as follows: WRC-1167GHBK3-A v1.24 and earlier, WRC-F1167ACF2 all versions, WRC-600GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, and LAN-W301NR all versions.
Produtos afetados
ELECOM CO.,LTD. · WRC-1167GHBK3-AELECOM CO.,LTD. · WRC-1467GHBK-AELECOM CO.,LTD. · WRC-1900GHBK-AELECOM CO.,LTD. · WRC-600GHBK-AELECOM CO.,LTD. · WRC-733FEBK2-AELECOM CO.,LTD. · WRC-F1167ACF2LOGITEC CORPORATION · LAN-W301NR

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://jvn.jp/en/vu/JVNVU91850798/https://www.elecom.co.jp/news/security/20230711-01/https://www.elecom.co.jp/news/security/20230810-01/