CVE-2023-40069
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-F1167ACF all versions, WRC-1750GHBK all versions, WRC-1167GHBK2 all versions, WRC-1750GHBK2-I all versions, and WRC-1750GHBK-E all versions.
La vulnerabilidad de inyección de comandos del sistema operativo en los routers LAN inalámbricos ELECOM permite a un atacante que pueda acceder al producto ejecutar un comando arbitrario del sistema operativo enviando una solicitud especialmente diseñada. Los productos y versiones afectados son los siguientes WRC-F1167ACF todas las versiones, WRC-1750GHBK todas las versiones, WRC-1167GHBK2 todas las versiones, WRC-1750GHBK2-I todas las versiones y WRC-1750GHBK-E todas las versiones.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2023-08-09 CVE Reserved
- 2023-08-18 CVE Published
- 2024-09-19 EPSS Updated
- 2024-10-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://jvn.jp/en/vu/JVNVU91630351 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.elecom.co.jp/news/security/20230810-01 | 2023-08-23 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Elecom Search vendor "Elecom" | Wrc-f1167acf Firmware Search vendor "Elecom" for product "Wrc-f1167acf Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-f1167acf Search vendor "Elecom" for product "Wrc-f1167acf" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-1750ghbk Firmware Search vendor "Elecom" for product "Wrc-1750ghbk Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-1750ghbk Search vendor "Elecom" for product "Wrc-1750ghbk" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-1167ghbk2 Firmware Search vendor "Elecom" for product "Wrc-1167ghbk2 Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-1167ghbk2 Search vendor "Elecom" for product "Wrc-1167ghbk2" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-1750ghbk2-i Firmware Search vendor "Elecom" for product "Wrc-1750ghbk2-i Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-1750ghbk2-i Search vendor "Elecom" for product "Wrc-1750ghbk2-i" | - | - |
Safe
|
Elecom Search vendor "Elecom" | Wrc-1750ghbk-e Firmware Search vendor "Elecom" for product "Wrc-1750ghbk-e Firmware" | * | - |
Affected
| in | Elecom Search vendor "Elecom" | Wrc-1750ghbk-e Search vendor "Elecom" for product "Wrc-1750ghbk-e" | - | - |
Safe
|