Unrated severityNVD Advisory· Published Jul 13, 2023· Updated Nov 6, 2024

CVE-2023-37566

Description

Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary command by sending a specially crafted request to the web management page. Affected products and versions are as follows: WRC-1167GHBK3-A v1.24 and earlier, WRC-1167FEBK-A v1.18 and earlier, WRC-F1167ACF2 all versions, WRC-600GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, and LAN-W301NR all versions.

Affected products

Elecom Co.,ltd./Wrc 600ghbk Av5
Range: all versions
ELECOM CO.,LTD./WRC-F1167ACF2v5
Range: all versions
ELECOM CO.,LTD./WRC-1467GHBK-Av5
Range: all versions
Elecom Co.,ltd./Wrc 1900ghbk Av5
Range: all versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000