First published: Thu Nov 16 2023(Updated: )
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Elecom WRC-2533GHBK2-T Firmware | ||
Elecom Wrc-2533ghbk2-t Firmware | ||
All of | ||
Elecom Wrc-2533ghbk-i Firmware | ||
Elecom Wrc-2533ghbk-i Firmware | ||
All of | ||
Elecom Wrc-1750ghbk2-i Firmware | ||
Elecom WRC-1750GHBK2-I | ||
All of | ||
Elecom Wrc-1750ghbk-e Firmware | ||
Elecom WRC-1750GHBK | ||
All of | ||
Elecom Wrc-1750ghbk Firmware | ||
Elecom WRC-1750GHBK | ||
All of | ||
Elecom Wrc-1167ghbk2 | ||
Elecom WRC-1167GHBK2 | ||
All of | ||
Elecom Wrc-1167ghbk-s Firmware | ||
Elecom Wrc-1167ghbk-s | ||
All of | ||
Elecom WRC-F1167ACF2 Firmware | ||
Elecom Wrc-f1167acf Firmware | ||
All of | ||
Elecom Wrc-733ghbk-i | ||
Elecom Wrc-733ghbk-c | ||
All of | ||
Elecom WRC-733GHBK-I | ||
Elecom WRC-733GHBK-I Firmware | ||
All of | ||
Elecom Wrc-733ghbk-c Firmware | ||
Elecom Wrc-733ghbk-c Firmware | ||
All of | ||
Elecom Wrc-300ghbk2-i Firmware | ||
Elecom Wrc-300ghbk2-i Firmware | ||
All of | ||
Elecom Wrc-300ghbk2-i Firmware | ||
Elecom Wrc-300ghbk Firmware | ||
All of | ||
Elecom WRC-733FEBK2-A Firmware | ||
Elecom Wrc-733febk Firmware | ||
All of | ||
Elecom WRC-300FEBK-R Firmware | ||
Elecom WRC-300FEBK-R Firmware | ||
All of | ||
Elecom WRC-F300NF | ||
Elecom WRC-F300NF | ||
All of | ||
Elecom Wrh-h300wh Firmware | ||
Elecom Wrh-h300wh Firmware | ||
All of | ||
Elecom WRH-300BK | ||
Elecom WRH-300BK Firmware | ||
All of | ||
Elecom Wrh-300wh Firmware | ||
Elecom WRH-300WH | ||
All of | ||
Elecom WRH-300RD Firmware | ||
Elecom WRH-300 | ||
All of | ||
Elecom Wrh-300sv Firmware | ||
Elecom Wrh-300sv Firmware | ||
All of | ||
Elecom WRH-300BK-S Firmware | ||
Elecom Wrh-300bk-s Firmware | ||
All of | ||
Elecom WRH-300WH-S | ||
Elecom WRH-300WH | ||
All of | ||
Elecom WRH-300BK2-S Firmware | ||
Elecom Wrh-300bk2-s Firmware | ||
All of | ||
Elecom WRH-300WH2-S | ||
Elecom WRH-300WH2-S Firmware | ||
All of | ||
Elecom WRH-H300BK Firmware | ||
Elecom WRH-300BK | ||
All of | ||
Elecom Wrh-h300wh Firmware | ||
Elecom WRH-300WH | ||
All of | ||
Elecom Wrh-150bk Firmware | ||
Elecom Wrh-150bk Firmware | ||
All of | ||
Elecom Wrh-150wh Firmware | ||
Elecom Wrh-150wh Firmware | ||
All of | ||
Elecom Lan-w300n/rs Firmware | ||
Elecom LAN-W300N/RS | ||
All of | ||
Elecom Lan-W301NR Firmware | ||
Elecom Lan-W301NR Firmware | ||
All of | ||
Elecom Lan-w300n/p Firmware | ||
Elecom Lan-w300n/p | ||
All of | ||
Elecom Lan-wh300n/dgp Firmware | ||
Elecom Lan-wh300n/dgp | ||
All of | ||
Elecom Lan-WH300NDGPE | ||
Elecom Lan-wh300ndgpe Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-43757 has been classified as a high severity vulnerability due to the inadequate encryption strength allowing attackers to intercept wireless LAN communications.
To fix CVE-2023-43757, update the firmware of your affected ELECOM or LOGITEC router to the latest version provided by the manufacturer.
CVE-2023-43757 affects multiple router models provided by ELECOM and LOGITEC, including models such as Wrc-2533ghbk2-t and Wrc-1750ghbk.
CVE-2023-43757 requires a network-adjacent attacker to exploit the vulnerability, meaning physical proximity to the vulnerable network is needed.
CVE-2023-43757 allows attackers to potentially intercept unencrypted communications over the wireless LAN, compromising data integrity and confidentiality.