CVE-2023-39455
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-F1167ACF2 all versions, WRC-1467GHBK-S all versions, and WRC-1900GHBK-S all versions.
La vulnerabilidad de inyección de comandos del sistema operativo en los routers LAN inalámbricos ELECOM permite a un usuario autenticado ejecutar un comando arbitrario del sistema operativo enviando una solicitud especialmente diseñada. Los productos y versiones afectados son los siguientes WRC-600GHBK-A todas las versiones, WRC-1467GHBK-A todas las versiones, WRC-1900GHBK-A todas las versiones, WRC-733FEBK2-A todas las versiones, WRC-F1167ACF2 todas las versiones, WRC-1467GHBK-S todas las versiones y WRC-1900GHBK-S todas las versiones.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-08-09 CVE Reserved
- 2023-08-18 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-24 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://jvn.jp/en/vu/JVNVU91630351 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.elecom.co.jp/news/security/20230810-01 | 2023-08-23 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Elecom Search vendor "Elecom" | Wrc-600ghbk-a Firmware Search vendor "Elecom" for product "Wrc-600ghbk-a Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-600ghbk-a Search vendor "Elecom" for product "Wrc-600ghbk-a" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-1467ghbk-a Firmware Search vendor "Elecom" for product "Wrc-1467ghbk-a Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-1467ghbk-a Search vendor "Elecom" for product "Wrc-1467ghbk-a" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-1900ghbk-a Firmware Search vendor "Elecom" for product "Wrc-1900ghbk-a Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-1900ghbk-a Search vendor "Elecom" for product "Wrc-1900ghbk-a" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-733febk2-a Firmware Search vendor "Elecom" for product "Wrc-733febk2-a Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-733febk2-a Search vendor "Elecom" for product "Wrc-733febk2-a" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-f1167acf2 Firmware Search vendor "Elecom" for product "Wrc-f1167acf2 Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-f1167acf2 Search vendor "Elecom" for product "Wrc-f1167acf2" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-1467ghbk-s Firmware Search vendor "Elecom" for product "Wrc-1467ghbk-s Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-1467ghbk-s Search vendor "Elecom" for product "Wrc-1467ghbk-s" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-1900ghbk-s Firmware Search vendor "Elecom" for product "Wrc-1900ghbk-s Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-1900ghbk-s Search vendor "Elecom" for product "Wrc-1900ghbk-s" | - | - |
Safe
|