CVSS: 6.5EPSS: 0%CPEs: 68EXPL: 1CVE-2023-43757
https://notcve.org/view.php?id=CVE-2023-43757
16 Nov 2023 — Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section. Vulnerabilidad de fuerza de cifrado inadecuada en múltiples routers proporcionados por ELECOM CO.,LTD. y LOGITEC CORPORATION permite que ... • https://github.com/sharmashreejaa/CVE-2023-43757 • CWE-326: Inadequate Encryption Strength •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2023-40069
https://notcve.org/view.php?id=CVE-2023-40069
18 Aug 2023 — OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-F1167ACF all versions, WRC-1750GHBK all versions, WRC-1167GHBK2 all versions, WRC-1750GHBK2-I all versions, and WRC-1750GHBK-E all versions. La vulnerabilidad de inyección de comandos del sistema operativo en los routers LAN inalámbricos ELECOM permite a un atacante que pue... • https://jvn.jp/en/vu/JVNVU91630351 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •