2 results (0.002 seconds)

CVSS: 6.5EPSS: 0%CPEs: 68EXPL: 1

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section. Vulnerabilidad de fuerza de cifrado inadecuada en múltiples routers proporcionados por ELECOM CO.,LTD. y LOGITEC CORPORATION permite que un atacante no autenticado adyacente a la red adivine la clave de cifrado utilizada para la comunicación LAN inalámbrica e intercepte la comunicación. • https://github.com/sharmashreejaa/CVE-2023-43757 https://jvn.jp/en/vu/JVNVU94119876 https://www.elecom.co.jp/news/security/20210706-01 https://www.elecom.co.jp/news/security/20230810-01 https://www.elecom.co.jp/news/security/20231114-01 • CWE-326: Inadequate Encryption Strength •

CVSS: 8.8EPSS: 0%CPEs: 22EXPL: 0

WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S all versions allows an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors. WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S y WRH-300WH-S, todas las versiones, permiten a un atacante no autenticado adyacente a la red ejecutar un comando arbitrario del sistema operativo por medio de vectores no especificados • https://jvn.jp/en/vu/JVNVU94260088/index.html https://www.elecom.co.jp/news/security/20210706-01 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •