cvelistv5 - cve-2023-40072

cve-2023-40072

Vulnerability from cvelistv5

Published

2023-08-18 09:45

Modified

2024-09-09 06:39

Severity ?

Summary

OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

References

URL	Tags
vultures@jpcert.or.jp	https://jvn.jp/en/vu/JVNVU91630351/	Third Party Advisory
vultures@jpcert.or.jp	https://www.elecom.co.jp/news/security/20230810-01/	Vendor Advisory
vultures@jpcert.or.jp	https://www.elecom.co.jp/news/security/20231114-01/
af854a3a-2127-422b-91ae-364da2661108	https://jvn.jp/en/vu/JVNVU91630351/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.elecom.co.jp/news/security/20230810-01/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.elecom.co.jp/news/security/20231114-01/

Impacted products

Vendor

Product

Version

▼

ELECOM CO.,LTD.

WAB-S600-PS

Version: all versions

ELECOM CO.,LTD.	WAB-S300	Version: all versions
ELECOM CO.,LTD.	WAB-S1775	Version: v1.1.9 and earlier
ELECOM CO.,LTD.	WAB-M1775-PS	Version: v1.1.21 and earlier
ELECOM CO.,LTD.	WAB-S1167	Version: v1.0.7 and earlier
ELECOM CO.,LTD.	WAB-M2133	Version: v1.3.22 and earlier
ELECOM CO.,LTD.	WAB-I1750-PS	Version: v1.5.10 and earlier
ELECOM CO.,LTD.	WAB-S1167-PS	Version: v1.5.6 and earlier

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T18:24:55.046Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.elecom.co.jp/news/security/20231114-01/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.elecom.co.jp/news/security/20230810-01/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://jvn.jp/en/vu/JVNVU91630351/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "WAB-S600-PS",
               vendor: "ELECOM CO.,LTD.",
               versions: [
                  {
                     status: "affected",
                     version: "all versions",
                  },
               ],
            },
            {
               product: "WAB-S300",
               vendor: "ELECOM CO.,LTD.",
               versions: [
                  {
                     status: "affected",
                     version: "all versions",
                  },
               ],
            },
            {
               product: "WAB-S1775",
               vendor: "ELECOM CO.,LTD.",
               versions: [
                  {
                     status: "affected",
                     version: "v1.1.9 and earlier",
                  },
               ],
            },
            {
               product: "WAB-M1775-PS",
               vendor: "ELECOM CO.,LTD.",
               versions: [
                  {
                     status: "affected",
                     version: "v1.1.21 and earlier",
                  },
               ],
            },
            {
               product: "WAB-S1167",
               vendor: "ELECOM CO.,LTD.",
               versions: [
                  {
                     status: "affected",
                     version: "v1.0.7 and earlier",
                  },
               ],
            },
            {
               product: "WAB-M2133",
               vendor: "ELECOM CO.,LTD.",
               versions: [
                  {
                     status: "affected",
                     version: "v1.3.22 and earlier",
                  },
               ],
            },
            {
               product: "WAB-I1750-PS",
               vendor: "ELECOM CO.,LTD.",
               versions: [
                  {
                     status: "affected",
                     version: "v1.5.10 and earlier",
                  },
               ],
            },
            {
               product: "WAB-S1167-PS",
               vendor: "ELECOM CO.,LTD.",
               versions: [
                  {
                     status: "affected",
                     version: "v1.5.6 and earlier",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "OS command injection",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-09T06:39:59.937Z",
            orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            shortName: "jpcert",
         },
         references: [
            {
               url: "https://www.elecom.co.jp/news/security/20231114-01/",
            },
            {
               url: "https://www.elecom.co.jp/news/security/20230810-01/",
            },
            {
               url: "https://jvn.jp/en/vu/JVNVU91630351/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce",
      assignerShortName: "jpcert",
      cveId: "CVE-2023-40072",
      datePublished: "2023-08-18T09:45:31.201Z",
      dateReserved: "2023-08-09T11:54:59.361Z",
      dateUpdated: "2024-09-09T06:39:59.937Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2023-40072\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2023-08-18T10:15:12.847\",\"lastModified\":\"2024-11-21T08:18:43.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de inyección de comandos del sistema operativo en los dispositivos de red ELECOM permite a un usuario autenticado ejecutar un comando arbitrario del sistema operativo enviando una solicitud especialmente diseñada. Los productos y versiones afectados son los siguientes WAB-S600-PS todas las versiones, WAB-S300 todas las versiones, WAB-M1775-PS v1.1.21 y anteriores, WAB-S1775 v1.1.9 y anteriores, WAB-S1167 v1.0.7 y anteriores, y WAB-M2133 v1.3.22 y anteriores.\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:elecom:wab-s600-ps_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"638B37F3-076A-44C0-83A4-DDAACC669376\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:elecom:wab-s600-ps:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6C5979C-DE63-4B06-B540-EB734082204A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:elecom:wab-s300_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59EFC7CC-3A9D-4B54-A887-29160C11EE6D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:elecom:wab-s300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCEE7563-FEA0-45D1-AD65-1B78DAF0ED4D\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/en/vu/JVNVU91630351/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.elecom.co.jp/news/security/20230810-01/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.elecom.co.jp/news/security/20231114-01/\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://jvn.jp/en/vu/JVNVU91630351/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.elecom.co.jp/news/security/20230810-01/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.elecom.co.jp/news/security/20231114-01/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}

fkie_cve-2023-40072

Vulnerability from fkie_nvd

Published

2023-08-18 10:15

Modified

2024-11-21 08:18

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

References

URL	Tags
vultures@jpcert.or.jp	https://jvn.jp/en/vu/JVNVU91630351/	Third Party Advisory
vultures@jpcert.or.jp	https://www.elecom.co.jp/news/security/20230810-01/	Vendor Advisory
vultures@jpcert.or.jp	https://www.elecom.co.jp/news/security/20231114-01/
af854a3a-2127-422b-91ae-364da2661108	https://jvn.jp/en/vu/JVNVU91630351/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.elecom.co.jp/news/security/20230810-01/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.elecom.co.jp/news/security/20231114-01/

Impacted products

Vendor	Product	Version
elecom	wab-s600-ps_firmware	*
elecom	wab-s600-ps	-
elecom	wab-s300_firmware	*
elecom	wab-s300	-

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:elecom:wab-s600-ps_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "638B37F3-076A-44C0-83A4-DDAACC669376",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:elecom:wab-s600-ps:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6C5979C-DE63-4B06-B540-EB734082204A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:elecom:wab-s300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "59EFC7CC-3A9D-4B54-A887-29160C11EE6D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:elecom:wab-s300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCEE7563-FEA0-45D1-AD65-1B78DAF0ED4D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.",
      },
      {
         lang: "es",
         value: "La vulnerabilidad de inyección de comandos del sistema operativo en los dispositivos de red ELECOM permite a un usuario autenticado ejecutar un comando arbitrario del sistema operativo enviando una solicitud especialmente diseñada. Los productos y versiones afectados son los siguientes WAB-S600-PS todas las versiones, WAB-S300 todas las versiones, WAB-M1775-PS v1.1.21 y anteriores, WAB-S1775 v1.1.9 y anteriores, WAB-S1167 v1.0.7 y anteriores, y WAB-M2133 v1.3.22 y anteriores.\n",
      },
   ],
   id: "CVE-2023-40072",
   lastModified: "2024-11-21T08:18:43.040",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-18T10:15:12.847",
   references: [
      {
         source: "vultures@jpcert.or.jp",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://jvn.jp/en/vu/JVNVU91630351/",
      },
      {
         source: "vultures@jpcert.or.jp",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.elecom.co.jp/news/security/20230810-01/",
      },
      {
         source: "vultures@jpcert.or.jp",
         url: "https://www.elecom.co.jp/news/security/20231114-01/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://jvn.jp/en/vu/JVNVU91630351/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.elecom.co.jp/news/security/20230810-01/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.elecom.co.jp/news/security/20231114-01/",
      },
   ],
   sourceIdentifier: "vultures@jpcert.or.jp",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2023-40072

Vulnerability from jvndb

Published

2023-08-15 11:54

Modified

2025-02-13 15:21

Severity ?

8.8 (High) - cvssV3_0 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in ELECOM and LOGITEC network devices

Details

Multiple network devices provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below. * Hidden Functionality (CWE-912) - CVE-2023-32626, CVE-2023-35991, CVE-2023-39445 * Telnet service access restriction failure (CWE-284) - CVE-2023-38132 * Hidden Functionality (CWE-912) - CVE-2023-38576 * Buffer overflow (CWE-120) - CVE-2023-39454 * OS Command Injection (CWE-78) - CVE-2023-39455, CVE-2023-40072 * OS Command Injection (CWE-78) - CVE-2023-39944, CVE-2023-40069 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.

References

▼	Type	URL
	JVN	http://jvn.jp/en/vu/JVNVU91630351/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-32626
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-35991
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-38132
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-38576
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-39445
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-39454
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-39455
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-39944
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-40069
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-40072
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-32626
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-35991
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-38132
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-38576
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-39445
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-39454
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-39455
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-39944
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-40069
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-40072
	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')(CWE-120)	https://cwe.mitre.org/data/definitions/120.html
	Improper Access Control(CWE-284)	https://cwe.mitre.org/data/definitions/284.html
	OS Command Injection(CWE-78)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	Hidden Functionality(CWE-912)	https://cwe.mitre.org/data/definitions/912.html

Impacted products

▼	Vendor	Product
	ELECOM CO.,LTD.	WAB-I1750-PS
	ELECOM CO.,LTD.	WAB-S1167-PS
	ELECOM CO.,LTD.	WAB-M1775-PS firmware
	ELECOM CO.,LTD.	WAB-M2133 firmware
	ELECOM CO.,LTD.	WAB-S1167 firmware
	ELECOM CO.,LTD.	WAB-S1775 firmware
	ELECOM CO.,LTD.	WAB-S300
	ELECOM CO.,LTD.	WAB-S600-PS
	ELECOM CO.,LTD.	WRC-1167GHBK2 firmware
	ELECOM CO.,LTD.	WRC-1467GHBK-A
	ELECOM CO.,LTD.	WRC-1467GHBK-S
	ELECOM CO.,LTD.	WRC-1750GHBK-E firmware
	ELECOM CO.,LTD.	WRC-1750GHBK2-I firmware
	ELECOM CO.,LTD.	WRC-1750GHBK firmware
	ELECOM CO.,LTD.	WRC-1900GHBK-A
	ELECOM CO.,LTD.	WRC-1900GHBK-S
	ELECOM CO.,LTD.	WRC-600GHBK-A
	ELECOM CO.,LTD.	WRC-733FEBK2-A
	ELECOM CO.,LTD.	WRC-F1167ACF2
	ELECOM CO.,LTD.	WRC-F1167ACF firmware
	ELECOM CO.,LTD.	WRC-X1800GS-B
	ELECOM CO.,LTD.	WRC-X1800GSA-B
	ELECOM CO.,LTD.	WRC-X1800GSH-B
	ELECOM CO.,LTD.	WRC-X6000QS-G
	ELECOM CO.,LTD.	WRC-X6000QSA-G
	Logitec Corp.	LAN-W300N/DR
	Logitec Corp.	LAN-W300N/PR5
	Logitec Corp.	LAN-W300N/P firmware
	Logitec Corp.	LAN-W300N/RS firmware
	Logitec Corp.	LAN-W451NGR
	Logitec Corp.	LAN-WH300AN/DGP
	Logitec Corp.	LAN-WH300ANDGPE
	Logitec Corp.	LAN-WH300N/DGP firmware
	Logitec Corp.	LAN-WH300N/DR
	Logitec Corp.	LAN-WH300N/RE
	Logitec Corp.	LAN-WH450N/GP

Show details on JVN DB website

JSON

To clipboard

{
   "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002797.html",
   "dc:date": "2025-02-13T15:21+09:00",
   "dcterms:issued": "2023-08-15T11:54+09:00",
   "dcterms:modified": "2025-02-13T15:21+09:00",
   description: "Multiple network devices provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below.\r\n\r\n  * Hidden Functionality (CWE-912) - CVE-2023-32626, CVE-2023-35991, CVE-2023-39445\r\n  * Telnet service access restriction failure (CWE-284) - CVE-2023-38132\r\n  * Hidden Functionality (CWE-912) - CVE-2023-38576\r\n  * Buffer overflow (CWE-120) - CVE-2023-39454\r\n  * OS Command Injection (CWE-78) - CVE-2023-39455, CVE-2023-40072\r\n  * OS Command Injection (CWE-78) - CVE-2023-39944, CVE-2023-40069\r\n\r\nChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
   link: "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002797.html",
   "sec:cpe": [
      {
         "#text": "cpe:/a:elecom:wab-i1750-ps",
         "@product": "WAB-I1750-PS",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:elecom:wab-s1167-ps",
         "@product": "WAB-S1167-PS",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wab-m1775-ps_firmware",
         "@product": "WAB-M1775-PS firmware",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wab-m2133_firmware",
         "@product": "WAB-M2133 firmware",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wab-s1167_firmware",
         "@product": "WAB-S1167 firmware",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wab-s1775_firmware",
         "@product": "WAB-S1775 firmware",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wab-s300_firmware",
         "@product": "WAB-S300",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wab-s600-ps_firmware",
         "@product": "WAB-S600-PS",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-1167ghbk2_firmware",
         "@product": "WRC-1167GHBK2 firmware",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-1467ghbk-a_firmware",
         "@product": "WRC-1467GHBK-A",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-1467ghbk-s_firmware",
         "@product": "WRC-1467GHBK-S",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-1750ghbk-e_firmware",
         "@product": "WRC-1750GHBK-E firmware",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-1750ghbk2-i_firmware",
         "@product": "WRC-1750GHBK2-I firmware",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-1750ghbk_firmware",
         "@product": "WRC-1750GHBK firmware",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-1900ghbk-a_firmware",
         "@product": "WRC-1900GHBK-A",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-1900ghbk-s_firmware",
         "@product": "WRC-1900GHBK-S",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-600ghbk-a_firmware",
         "@product": "WRC-600GHBK-A",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-733febk2-a_firmware",
         "@product": "WRC-733FEBK2-A",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-f1167acf2_firmware",
         "@product": "WRC-F1167ACF2",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-f1167acf_firmware",
         "@product": "WRC-F1167ACF firmware",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-x1800gs-b_firmware",
         "@product": "WRC-X1800GS-B",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-x1800gsa-b_firmware",
         "@product": "WRC-X1800GSA-B",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-x1800gsh-b_firmware",
         "@product": "WRC-X1800GSH-B",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-x6000qs-g",
         "@product": "WRC-X6000QS-G",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:elecom:wrc-x6000qsa-g",
         "@product": "WRC-X6000QSA-G",
         "@vendor": "ELECOM CO.,LTD.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-w300n%2fdr_firmware",
         "@product": "LAN-W300N/DR",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-w300n%2fpr5_firmware",
         "@product": "LAN-W300N/PR5",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-w300n%2fp_firmware",
         "@product": "LAN-W300N/P firmware",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-w300n%2frs_firmware",
         "@product": "LAN-W300N/RS firmware",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-w451ngr_firmware",
         "@product": "LAN-W451NGR",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-wh300an%2fdgp_firmware",
         "@product": "LAN-WH300AN/DGP",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-wh300andgpe_firmware",
         "@product": "LAN-WH300ANDGPE",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-wh300n%2fdgp_firmware",
         "@product": "LAN-WH300N/DGP firmware",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-wh300n%2fdr_firmware",
         "@product": "LAN-WH300N/DR",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-wh300n%2fre_firmware",
         "@product": "LAN-WH300N/RE",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:logitec:lan-wh450n%2fgp_firmware",
         "@product": "LAN-WH450N/GP",
         "@vendor": "Logitec Corp.",
         "@version": "2.2",
      },
   ],
   "sec:cvss": [
      {
         "@score": "5.8",
         "@severity": "Medium",
         "@type": "Base",
         "@vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
         "@version": "2.0",
      },
      {
         "@score": "8.8",
         "@severity": "High",
         "@type": "Base",
         "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
         "@version": "3.0",
      },
   ],
   "sec:identifier": "JVNDB-2023-002797",
   "sec:references": [
      {
         "#text": "http://jvn.jp/en/vu/JVNVU91630351/index.html",
         "@id": "JVNVU#91630351",
         "@source": "JVN",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32626",
         "@id": "CVE-2023-32626",
         "@source": "CVE",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-35991",
         "@id": "CVE-2023-35991",
         "@source": "CVE",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-38132",
         "@id": "CVE-2023-38132",
         "@source": "CVE",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-38576",
         "@id": "CVE-2023-38576",
         "@source": "CVE",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39445",
         "@id": "CVE-2023-39445",
         "@source": "CVE",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39454",
         "@id": "CVE-2023-39454",
         "@source": "CVE",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39455",
         "@id": "CVE-2023-39455",
         "@source": "CVE",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39944",
         "@id": "CVE-2023-39944",
         "@source": "CVE",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-40069",
         "@id": "CVE-2023-40069",
         "@source": "CVE",
      },
      {
         "#text": "https://www.cve.org/CVERecord?id=CVE-2023-40072",
         "@id": "CVE-2023-40072",
         "@source": "CVE",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32626",
         "@id": "CVE-2023-32626",
         "@source": "NVD",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-35991",
         "@id": "CVE-2023-35991",
         "@source": "NVD",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38132",
         "@id": "CVE-2023-38132",
         "@source": "NVD",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38576",
         "@id": "CVE-2023-38576",
         "@source": "NVD",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39445",
         "@id": "CVE-2023-39445",
         "@source": "NVD",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39454",
         "@id": "CVE-2023-39454",
         "@source": "NVD",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39455",
         "@id": "CVE-2023-39455",
         "@source": "NVD",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39944",
         "@id": "CVE-2023-39944",
         "@source": "NVD",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40069",
         "@id": "CVE-2023-40069",
         "@source": "NVD",
      },
      {
         "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40072",
         "@id": "CVE-2023-40072",
         "@source": "NVD",
      },
      {
         "#text": "https://cwe.mitre.org/data/definitions/120.html",
         "@id": "CWE-120",
         "@title": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')(CWE-120)",
      },
      {
         "#text": "https://cwe.mitre.org/data/definitions/284.html",
         "@id": "CWE-284",
         "@title": "Improper Access Control(CWE-284)",
      },
      {
         "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
         "@id": "CWE-78",
         "@title": "OS Command Injection(CWE-78)",
      },
      {
         "#text": "https://cwe.mitre.org/data/definitions/912.html",
         "@id": "CWE-912",
         "@title": "Hidden Functionality(CWE-912)",
      },
   ],
   title: "Multiple vulnerabilities in ELECOM and LOGITEC network devices",
}

var-202308-2597

Vulnerability from variot

OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Network equipment provided by ELECOM Co., Ltd. and Logitech Co., Ltd. contains the following multiple vulnerabilities. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party with access to the product logs into a specific operation screen and performs arbitrary operations. OS Command is executed - CVE-2023-32626 , CVE-2023-35991 It was * by a third party who has access to the product; telnet logged into the service - CVE-2023-38132 It was * A third party who can log in to the product may perform arbitrary actions from a specific operation screen. - CVE-2023-39445 It was * Arbitrary code can be executed by a third party who has access to the product - CVE-2023-39454 It was * A third party who can log in to the product sends a specially crafted request and sends an arbitrary request

Show details on source website

JSON

To clipboard

{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202308-2597",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "wab-s300",
            scope: "eq",
            trust: 1,
            vendor: "elecom",
            version: "*",
         },
         {
            model: "wab-s600-ps",
            scope: "eq",
            trust: 1,
            vendor: "elecom",
            version: "*",
         },
         {
            model: "wab-i1750-ps",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "lan-w451ngr",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "wrc-1750ghbk",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-1750ghbk-e",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wab-s1167-ps",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "lan-wh300n/re",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "wab-m1775-ps",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wab-m2133",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "lan-wh300andgpe",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "lan-w300n/rs",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "wrc-1900ghbk-s",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-1900ghbk-a",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wab-s1775",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "lan-w300n/dr",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "lan-wh450n/gp",
            scope: "eq",
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: "all  s  (cve-2023-35991)",
         },
         {
            model: "wrc-1467ghbk-s",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-1467ghbk-a",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "lan-w300n/p",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "lan-wh300n/dr",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "wrc-f1167acf",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-1750ghbk2-i",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-x1800gsa-b",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-f1167acf2",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-x1800gsh-b",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "lan-w300n/pr5",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "wrc-600ghbk-a",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-733febk2-a",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "lan-wh300n/dgp",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "wab-s1167",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-1167ghbk2",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wrc-x1800gs-b",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "wab-s600-ps",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
         {
            model: "lan-wh300an/dgp",
            scope: null,
            trust: 0.8,
            vendor: "ロジテック株式会社",
            version: null,
         },
         {
            model: "wab-s300",
            scope: null,
            trust: 0.8,
            vendor: "エレコム株式会社",
            version: null,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
         {
            db: "NVD",
            id: "CVE-2023-40072",
         },
      ],
   },
   cve: "CVE-2023-40072",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  author: "nvd@nist.gov",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 2.8,
                  id: "CVE-2023-40072",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  trust: 1,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               {
                  attackComplexity: "Low",
                  attackVector: "Adjacent Network",
                  author: "OTHER",
                  availabilityImpact: "High",
                  baseScore: 6.8,
                  baseSeverity: "Medium",
                  confidentialityImpact: "High",
                  exploitabilityScore: null,
                  id: "JVNDB-2023-002797",
                  impactScore: null,
                  integrityImpact: "High",
                  privilegesRequired: "High",
                  scope: "Unchanged",
                  trust: 0.8,
                  userInteraction: "None",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2023-40072",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "OTHER",
                  id: "JVNDB-2023-002797",
                  trust: 0.8,
                  value: "Medium",
               },
            ],
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
         {
            db: "NVD",
            id: "CVE-2023-40072",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Network equipment provided by ELECOM Co., Ltd. and Logitech Co., Ltd. contains the following multiple vulnerabilities. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party with access to the product logs into a specific operation screen and performs arbitrary operations. OS Command is executed - CVE-2023-32626 , CVE-2023-35991 It was * by a third party who has access to the product; telnet logged into the service - CVE-2023-38132 It was * A third party who can log in to the product may perform arbitrary actions from a specific operation screen. - CVE-2023-39445 It was * Arbitrary code can be executed by a third party who has access to the product - CVE-2023-39454 It was * A third party who can log in to the product sends a specially crafted request and sends an arbitrary request",
      sources: [
         {
            db: "NVD",
            id: "CVE-2023-40072",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
         {
            db: "VULMON",
            id: "CVE-2023-40072",
         },
      ],
      trust: 1.71,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2023-40072",
            trust: 2.7,
         },
         {
            db: "JVN",
            id: "JVNVU91630351",
            trust: 1.9,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
            trust: 0.8,
         },
         {
            db: "VULMON",
            id: "CVE-2023-40072",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "VULMON",
            id: "CVE-2023-40072",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
         {
            db: "NVD",
            id: "CVE-2023-40072",
         },
      ],
   },
   id: "VAR-202308-2597",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VARIoT devices database",
            id: null,
         },
      ],
      trust: 0.6666667,
   },
   last_update_date: "2024-09-09T22:50:41.360000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "wireless LAN Request for firmware update to improve router/repeater security ELECOM CO., LTD.",
            trust: 0.8,
            url: "https://www.elecom.co.jp/news/security/",
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-78",
            trust: 1,
         },
         {
            problemtype: "Classic buffer overflow (CWE-120) [ others ]",
            trust: 0.8,
         },
         {
            problemtype: " Inappropriate access control (CWE-284) [ others ]",
            trust: 0.8,
         },
         {
            problemtype: "OS Command injection (CWE-78) [ others ]",
            trust: 0.8,
         },
         {
            problemtype: " Unpublished features (CWE-912) [ others ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
         {
            db: "NVD",
            id: "CVE-2023-40072",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.1,
            url: "https://jvn.jp/en/vu/jvnvu91630351/",
         },
         {
            trust: 1.1,
            url: "https://www.elecom.co.jp/news/security/20230810-01/",
         },
         {
            trust: 1,
            url: "https://www.elecom.co.jp/news/security/20231114-01/",
         },
         {
            trust: 0.8,
            url: "http://jvn.jp/vu/jvnvu91630351/index.html",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-32626",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-35991",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-38132",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-38576",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-39445",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-39454",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-39455",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-39944",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-40069",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2023-40072",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov",
         },
      ],
      sources: [
         {
            db: "VULMON",
            id: "CVE-2023-40072",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
         {
            db: "NVD",
            id: "CVE-2023-40072",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "VULMON",
            id: "CVE-2023-40072",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
         {
            db: "NVD",
            id: "CVE-2023-40072",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2023-08-18T00:00:00",
            db: "VULMON",
            id: "CVE-2023-40072",
         },
         {
            date: "2023-08-15T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
         {
            date: "2023-08-18T10:15:12.847000",
            db: "NVD",
            id: "CVE-2023-40072",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2023-08-18T00:00:00",
            db: "VULMON",
            id: "CVE-2023-40072",
         },
         {
            date: "2024-08-28T08:03:00",
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
         {
            date: "2024-09-09T07:15:14.470000",
            db: "NVD",
            id: "CVE-2023-40072",
         },
      ],
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Multiple vulnerabilities in ELECOM and Logitech network equipment",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2023-002797",
         },
      ],
      trust: 0.8,
   },
}

gsd-2023-40072

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

Aliases

CVE-2023-40072

Aliases

CVE-2023-40072

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2023-40072",
      id: "GSD-2023-40072",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2023-40072",
         ],
         details: "OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.",
         id: "GSD-2023-40072",
         modified: "2023-12-13T01:20:43.997698Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "vultures@jpcert.or.jp",
            ID: "CVE-2023-40072",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "WAB-S600-PS",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "=",
                                       version_value: "all versions",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "WAB-S300",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "=",
                                       version_value: "all versions",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "WAB-M1775-PS",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "=",
                                       version_value: "v1.1.21 and earlier",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "WAB-S1775",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "=",
                                       version_value: "v1.1.9 and earlier",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "WAB-S1167",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "=",
                                       version_value: "v1.0.7 and earlier",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "WAB-M2133",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "=",
                                       version_value: "v1.3.22 and earlier",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "ELECOM CO.,LTD.",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "OS command injection vulnerability in ELECOM network devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WAB-S600-PS all versions, WAB-S300 all versions, WAB-M1775-PS v1.1.21 and earlier, WAB-S1775 v1.1.9 and earlier, WAB-S1167 v1.0.7 and earlier, and WAB-M2133 v1.3.22 and earlier.",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "OS command injection",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "https://www.elecom.co.jp/news/security/20231114-01/",
                  refsource: "MISC",
                  url: "https://www.elecom.co.jp/news/security/20231114-01/",
               },
               {
                  name: "https://www.elecom.co.jp/news/security/20230810-01/",
                  refsource: "MISC",
                  url: "https://www.elecom.co.jp/news/security/20230810-01/",
               },
               {
                  name: "https://jvn.jp/en/vu/JVNVU91630351/",
                  refsource: "MISC",
                  url: "https://jvn.jp/en/vu/JVNVU91630351/",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         cve: {
            configurations: [
               {
                  nodes: [
                     {
                        cpeMatch: [
                           {
                              criteria: "cpe:2.3:o:elecom:wab-s600-ps_firmware:*:*:*:*:*:*:*:*",
                              matchCriteriaId: "638B37F3-076A-44C0-83A4-DDAACC669376",
                              vulnerable: true,
                           },
                        ],
                        negate: false,
                        operator: "OR",
                     },
                     {
                        cpeMatch: [
                           {
                              criteria: "cpe:2.3:h:elecom:wab-s600-ps:-:*:*:*:*:*:*:*",
                              matchCriteriaId: "F6C5979C-DE63-4B06-B540-EB734082204A",
                              vulnerable: false,
                           },
                        ],
                        negate: false,
                        operator: "OR",
                     },
                  ],
                  operator: "AND",
               },
               {
                  nodes: [
                     {
                        cpeMatch: [
                           {
                              criteria: "cpe:2.3:o:elecom:wab-s300_firmware:*:*:*:*:*:*:*:*",
                              matchCriteriaId: "59EFC7CC-3A9D-4B54-A887-29160C11EE6D",
                              vulnerable: true,
                           },
                        ],
                        negate: false,
                        operator: "OR",
                     },
                     {
                        cpeMatch: [
                           {
                              criteria: "cpe:2.3:h:elecom:wab-s300:-:*:*:*:*:*:*:*",
                              matchCriteriaId: "DCEE7563-FEA0-45D1-AD65-1B78DAF0ED4D",
                              vulnerable: false,
                           },
                        ],
                        negate: false,
                        operator: "OR",
                     },
                  ],
                  operator: "AND",
               },
            ],
            descriptions: [
               {
                  lang: "en",
                  value: "OS command injection vulnerability in ELECOM network devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WAB-S600-PS all versions, WAB-S300 all versions, WAB-M1775-PS v1.1.21 and earlier, WAB-S1775 v1.1.9 and earlier, WAB-S1167 v1.0.7 and earlier, and WAB-M2133 v1.3.22 and earlier.",
               },
            ],
            id: "CVE-2023-40072",
            lastModified: "2024-02-28T23:15:08.150",
            metrics: {
               cvssMetricV31: [
                  {
                     cvssData: {
                        attackComplexity: "LOW",
                        attackVector: "NETWORK",
                        availabilityImpact: "HIGH",
                        baseScore: 8.8,
                        baseSeverity: "HIGH",
                        confidentialityImpact: "HIGH",
                        integrityImpact: "HIGH",
                        privilegesRequired: "LOW",
                        scope: "UNCHANGED",
                        userInteraction: "NONE",
                        vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                        version: "3.1",
                     },
                     exploitabilityScore: 2.8,
                     impactScore: 5.9,
                     source: "nvd@nist.gov",
                     type: "Primary",
                  },
               ],
            },
            published: "2023-08-18T10:15:12.847",
            references: [
               {
                  source: "vultures@jpcert.or.jp",
                  tags: [
                     "Third Party Advisory",
                  ],
                  url: "https://jvn.jp/en/vu/JVNVU91630351/",
               },
               {
                  source: "vultures@jpcert.or.jp",
                  tags: [
                     "Vendor Advisory",
                  ],
                  url: "https://www.elecom.co.jp/news/security/20230810-01/",
               },
               {
                  source: "vultures@jpcert.or.jp",
                  url: "https://www.elecom.co.jp/news/security/20231114-01/",
               },
            ],
            sourceIdentifier: "vultures@jpcert.or.jp",
            vulnStatus: "Modified",
            weaknesses: [
               {
                  description: [
                     {
                        lang: "en",
                        value: "CWE-78",
                     },
                  ],
                  source: "nvd@nist.gov",
                  type: "Primary",
               },
            ],
         },
      },
   },
}

ghsa-c3w7-xm4j-hrp8

Vulnerability from github

Published

2023-08-18 12:30

Modified

2024-02-29 00:30

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2023-40072",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-78",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2023-08-18T10:15:12Z",
      severity: "HIGH",
   },
   details: "OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.",
   id: "GHSA-c3w7-xm4j-hrp8",
   modified: "2024-02-29T00:30:20Z",
   published: "2023-08-18T12:30:14Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2023-40072",
      },
      {
         type: "WEB",
         url: "https://jvn.jp/en/vu/JVNVU91630351",
      },
      {
         type: "WEB",
         url: "https://www.elecom.co.jp/news/security/20230810-01",
      },
      {
         type: "WEB",
         url: "https://www.elecom.co.jp/news/security/20231114-01",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
         type: "CVSS_V3",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2023-40072

Vulnerability from cvelistv5

fkie_cve-2023-40072

Vulnerability from fkie_nvd

cve-2023-40072

Vulnerability from jvndb

var-202308-2597

Vulnerability from variot

gsd-2023-40072

Vulnerability from gsd

ghsa-c3w7-xm4j-hrp8

Vulnerability from github

Tags

Sightings

Nomenclature