CVE-2023-37564
N/A
N/A
Summary
OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary OS command with a root privilege by sending a specially crafted request. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earlier, and WRC-1167FEBK-A v1.18 and earlier.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ELECOM CO.,LTD. | WRC-1167GHBK-S | v1.03 and earlier | affected |
| ELECOM CO.,LTD. | WRC-1167GEBK-S | v1.03 and earlier | affected |
| ELECOM CO.,LTD. | WRC-1167FEBK-S | v1.04 and earlier | affected |
| ELECOM CO.,LTD. | WRC-1167GHBK3-A | v1.24 and earlier | affected |
| ELECOM CO.,LTD. | WRC-1167FEBK-A | v1.18 and earlier | affected |
Weaknesses
- OS command injection
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.