CVE-2023-37565: Code Injection
First published: Thu Jul 13 2023(Updated: )
Code injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute arbitrary code by sending a specially crafted request. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earlier, and WRC-1167FEBK-A v1.18 and earlier.
Credit: vultures@jpcert.or.jp vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Elecom Wrc-1167ghbk-s Firmware | <=1.03 | |
| Elecom Wrc-1167ghbk-s | ||
| Elecom Wrc-1167gebk-s Firmware | <=1.03 | |
| Elecom Wrc-1167gebk-s | ||
| Elecom Wrc-1167febk-s Firmware | <=1.04 | |
| Elecom Wrc-1167febk-s | ||
| Elecom Wrc-1167ghbk3-a Firmware | <=1.24 | |
| Elecom Wrc-1167ghbk3-a | ||
| Elecom Wrc-1167febk-a Firmware | <=1.18 | |
| Elecom Wrc-1167febk-a |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this code injection vulnerability in ELECOM wireless LAN routers?
The vulnerability ID for this code injection vulnerability in ELECOM wireless LAN routers is CVE-2023-37565.
How does the code injection vulnerability in ELECOM wireless LAN routers work?
The code injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute arbitrary code by sending a specially crafted request.
Which ELECOM wireless LAN router products and versions are affected by this vulnerability?
The ELECOM wireless LAN router products WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FE… are affected by this vulnerability.
What is the severity of the code injection vulnerability in ELECOM wireless LAN routers?
The severity of the code injection vulnerability in ELECOM wireless LAN routers is high with a severity value of 8.
How can I fix the code injection vulnerability in ELECOM wireless LAN routers?
To fix the code injection vulnerability in ELECOM wireless LAN routers, apply the latest firmware updates provided by ELECOM.
- collector/nvd-latest
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/last-modified-date
- agent/weakness
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/elecom
- canonical/elecom wrc-1167ghbk-s firmware
- version/elecom wrc-1167ghbk-s firmware/1.03
- canonical/elecom wrc-1167ghbk-s
- canonical/elecom wrc-1167gebk-s firmware
- version/elecom wrc-1167gebk-s firmware/1.03
- canonical/elecom wrc-1167gebk-s
- canonical/elecom wrc-1167febk-s firmware
- version/elecom wrc-1167febk-s firmware/1.04
- canonical/elecom wrc-1167febk-s
- canonical/elecom wrc-1167ghbk3-a firmware
- version/elecom wrc-1167ghbk3-a firmware/1.24
- canonical/elecom wrc-1167ghbk3-a
- canonical/elecom wrc-1167febk-a firmware
- version/elecom wrc-1167febk-a firmware/1.18
- canonical/elecom wrc-1167febk-a