CVE-2023-37568

Summary

ELECOM wireless LAN routers WRC-1167GHBK-S v1.03 and earlier, and WRC-1167GEBK-S v1.03 and earlier allow a network-adjacent authenticated attacker to execute an arbitrary command by sending a specially crafted request to the web management page.

Affected Software

VendorProductVersion RangeStatus
ELECOM CO.,LTD.WRC-1167GHBK-Sv1.03 and earlieraffected
ELECOM CO.,LTD.WRC-1167GEBK-Sv1.03 and earlieraffected

Weaknesses

  • Arbitrary command execution

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References