CVE-2023-37563

Summary

ELECOM wireless LAN routers are vulnerable to sensitive information exposure, which allows a network-adjacent unauthorized attacker to obtain sensitive information. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earlier, WRC-1167FEBK-A v1.18 and earlier, WRC-F1167ACF2 all versions, WRC-600GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-1467GHBK-A all versions, WRC-1467GHBK-S all versions, WRC-1900GHBK-A all versions, and WRC-1900GHBK-S all versions.

Affected Software

VendorProductVersion RangeStatus
ELECOM CO.,LTD.WRC-1167GHBK-Sv1.03 and earlieraffected
ELECOM CO.,LTD.WRC-1167GEBK-Sv1.03 and earlieraffected
ELECOM CO.,LTD.WRC-1167FEBK-Sv1.04 and earlieraffected
ELECOM CO.,LTD.WRC-1167GHBK3-Av1.24 and earlieraffected
ELECOM CO.,LTD.WRC-1167FEBK-Av1.18 and earlieraffected
ELECOM CO.,LTD.WRC-F1167ACF2all versionsaffected
ELECOM CO.,LTD.WRC-600GHBK-Aall versionsaffected
ELECOM CO.,LTD.WRC-733FEBK2-Aall versionsaffected
ELECOM CO.,LTD.WRC-1467GHBK-Aall versionsaffected
ELECOM CO.,LTD.WRC-1467GHBK-Sall versionsaffected
ELECOM CO.,LTD.WRC-1900GHBK-Aall versionsaffected
ELECOM CO.,LTD.WRC-1900GHBK-Sall versionsaffected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References