CVE-2023-35991
8.8
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| LOGITEC CORPORATION | LAN-W300N/DR | all versions | affected |
| LOGITEC CORPORATION | LAN-WH300N/DR | all versions | affected |
| LOGITEC CORPORATION | LAN-W300N/P | all versions | affected |
| LOGITEC CORPORATION | LAN-WH450N/GP | all versions | affected |
| LOGITEC CORPORATION | LAN-WH300AN/DGP | all versions | affected |
| LOGITEC CORPORATION | LAN-WH300N/DGP | all versions | affected |
| LOGITEC CORPORATION | LAN-WH300ANDGPE | all versions | affected |
Weaknesses
- Hidden Functionality
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.