ID

VAR-202308-2596


CVE

CVE-2023-38576


TITLE

Multiple vulnerabilities in ELECOM and Logitech network equipment

Trust: 0.8

sources: JVNDB: JVNDB-2023-002797

DESCRIPTION

Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console. Network equipment provided by ELECOM Co., Ltd. and Logitech Co., Ltd. contains the following multiple vulnerabilities. * Unpublished features (CWE-912) - CVE-2023-32626 , CVE-2023-35991 , CVE-2023-39445 It was * Telnet Inadequate access restrictions to services (CWE-284) - CVE-2023-38132 It was * Unpublished features (CWE-912) - CVE-2023-38576 It was * buffer overflow (CWE-120) - CVE-2023-39454 It was * OS Command injection (CWE-78) - CVE-2023-39455 , CVE-2023-40072 It was * OS Command injection (CWE-78) - CVE-2023-39944 , CVE-2023-40069 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party with access to the product logs into a specific operation screen and performs arbitrary operations. OS Command is executed - CVE-2023-32626 , CVE-2023-35991 It was * by a third party who has access to the product; telnet logged into the service - CVE-2023-38132 It was * A third party who can log in to the product may perform arbitrary actions from a specific operation screen. OS Command is executed - CVE-2023-38576 It was * A third party with access to the product sends a specially crafted file to a specific operation screen and executes arbitrary code. - CVE-2023-39445 It was * Arbitrary code can be executed by a third party who has access to the product - CVE-2023-39454 It was * A third party who can log in to the product sends a specially crafted request and sends an arbitrary request. OS Command is executed - CVE-2023-39455 , CVE-2023-40072 It was * A third party with access to the product may send a specially crafted request to OS Command is executed - CVE-2023-39944 , CVE-2023-40069

Trust: 1.71

sources: NVD: CVE-2023-38576 // JVNDB: JVNDB-2023-002797 // VULMON: CVE-2023-38576

AFFECTED PRODUCTS

vendor:elecommodel:lan-wh300n\/rescope:eqversion:*

Trust: 1.0

vendor:エレコム株式会社model:wab-i1750-psscope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-w451ngrscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-1750ghbkscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-1750ghbk-escope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wab-s1167-psscope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-wh300n/rescope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wab-m1775-psscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wab-m2133scope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-wh300andgpescope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-w300n/rsscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-1900ghbk-sscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-1900ghbk-ascope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wab-s1775scope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-w300n/drscope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-wh450n/gpscope:eqversion:all s (cve-2023-35991)

Trust: 0.8

vendor:エレコム株式会社model:wrc-1467ghbk-sscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-1467ghbk-ascope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-w300n/pscope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-wh300n/drscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-f1167acfscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-1750ghbk2-iscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-x1800gsa-bscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-f1167acf2scope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-x1800gsh-bscope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-w300n/pr5scope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-600ghbk-ascope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-733febk2-ascope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-wh300n/dgpscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wab-s1167scope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-1167ghbk2scope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wrc-x1800gs-bscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wab-s600-psscope: - version: -

Trust: 0.8

vendor:ロジテック株式会社model:lan-wh300an/dgpscope: - version: -

Trust: 0.8

vendor:エレコム株式会社model:wab-s300scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-002797 // NVD: CVE-2023-38576

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-38576
value: HIGH

Trust: 1.0

OTHER: JVNDB-2023-002797
value: MEDIUM

Trust: 0.8

nvd@nist.gov: CVE-2023-38576
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2023-002797
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-002797 // NVD: CVE-2023-38576

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-94

Trust: 1.0

problemtype:Classic buffer overflow (CWE-120) [ others ]

Trust: 0.8

problemtype: Inappropriate access control (CWE-284) [ others ]

Trust: 0.8

problemtype:OS Command injection (CWE-78) [ others ]

Trust: 0.8

problemtype: Unpublished features (CWE-912) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-002797 // NVD: CVE-2023-38576

PATCH

title:wireless LAN Request for firmware update to improve router/repeater security ELECOM CO., LTD.url:https://www.elecom.co.jp/news/security/

Trust: 0.8

sources: JVNDB: JVNDB-2023-002797

EXTERNAL IDS

db:NVDid:CVE-2023-38576

Trust: 2.7

db:JVNid:JVNVU91630351

Trust: 1.9

db:JVNDBid:JVNDB-2023-002797

Trust: 0.8

db:VULMONid:CVE-2023-38576

Trust: 0.1

sources: VULMON: CVE-2023-38576 // JVNDB: JVNDB-2023-002797 // NVD: CVE-2023-38576

REFERENCES

url:https://jvn.jp/en/vu/jvnvu91630351/

Trust: 1.1

url:https://www.elecom.co.jp/news/security/20230810-01/

Trust: 1.1

url:http://jvn.jp/vu/jvnvu91630351/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-32626

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-35991

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-38132

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-38576

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-39445

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-39454

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-39455

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-39944

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-40069

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-40072

Trust: 0.8

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-38576 // JVNDB: JVNDB-2023-002797 // NVD: CVE-2023-38576

SOURCES

db:VULMONid:CVE-2023-38576
db:JVNDBid:JVNDB-2023-002797
db:NVDid:CVE-2023-38576

LAST UPDATE DATE

2024-10-08T23:10:59.120000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-38576date:2023-08-18T00:00:00
db:JVNDBid:JVNDB-2023-002797date:2024-08-28T08:03:00
db:NVDid:CVE-2023-38576date:2024-10-08T15:35:12.007

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-38576date:2023-08-18T00:00:00
db:JVNDBid:JVNDB-2023-002797date:2023-08-15T00:00:00
db:NVDid:CVE-2023-38576date:2023-08-18T10:15:11.427