CWE
326
Advisory Published
Updated

CVE-2023-43757: Weak Encryption

First published: Thu Nov 16 2023(Updated: )

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

Credit: vultures@jpcert.or.jp

Affected SoftwareAffected VersionHow to fix
All of
Elecom WRC-2533GHBK2-T Firmware
Elecom Wrc-2533ghbk2-t Firmware
All of
Elecom Wrc-2533ghbk-i Firmware
Elecom Wrc-2533ghbk-i Firmware
All of
Elecom Wrc-1750ghbk2-i Firmware
Elecom WRC-1750GHBK2-I
All of
Elecom Wrc-1750ghbk-e Firmware
Elecom WRC-1750GHBK
All of
Elecom Wrc-1750ghbk Firmware
Elecom WRC-1750GHBK
All of
Elecom Wrc-1167ghbk2
Elecom WRC-1167GHBK2
All of
Elecom Wrc-1167ghbk-s Firmware
Elecom Wrc-1167ghbk-s
All of
Elecom WRC-F1167ACF2 Firmware
Elecom Wrc-f1167acf Firmware
All of
Elecom Wrc-733ghbk-i
Elecom Wrc-733ghbk-c
All of
Elecom WRC-733GHBK-I
Elecom WRC-733GHBK-I Firmware
All of
Elecom Wrc-733ghbk-c Firmware
Elecom Wrc-733ghbk-c Firmware
All of
Elecom Wrc-300ghbk2-i Firmware
Elecom Wrc-300ghbk2-i Firmware
All of
Elecom Wrc-300ghbk2-i Firmware
Elecom Wrc-300ghbk Firmware
All of
Elecom WRC-733FEBK2-A Firmware
Elecom Wrc-733febk Firmware
All of
Elecom WRC-300FEBK-R Firmware
Elecom WRC-300FEBK-R Firmware
All of
Elecom WRC-F300NF
Elecom WRC-F300NF
All of
Elecom Wrh-h300wh Firmware
Elecom Wrh-h300wh Firmware
All of
Elecom WRH-300BK
Elecom WRH-300BK Firmware
All of
Elecom Wrh-300wh Firmware
Elecom WRH-300WH
All of
Elecom WRH-300RD Firmware
Elecom WRH-300
All of
Elecom Wrh-300sv Firmware
Elecom Wrh-300sv Firmware
All of
Elecom WRH-300BK-S Firmware
Elecom Wrh-300bk-s Firmware
All of
Elecom WRH-300WH-S
Elecom WRH-300WH
All of
Elecom WRH-300BK2-S Firmware
Elecom Wrh-300bk2-s Firmware
All of
Elecom WRH-300WH2-S
Elecom WRH-300WH2-S Firmware
All of
Elecom WRH-H300BK Firmware
Elecom WRH-300BK
All of
Elecom Wrh-h300wh Firmware
Elecom WRH-300WH
All of
Elecom Wrh-150bk Firmware
Elecom Wrh-150bk Firmware
All of
Elecom Wrh-150wh Firmware
Elecom Wrh-150wh Firmware
All of
Elecom Lan-w300n/rs Firmware
Elecom LAN-W300N/RS
All of
Elecom Lan-W301NR Firmware
Elecom Lan-W301NR Firmware
All of
Elecom Lan-w300n/p Firmware
Elecom Lan-w300n/p
All of
Elecom Lan-wh300n/dgp Firmware
Elecom Lan-wh300n/dgp
All of
Elecom Lan-WH300NDGPE
Elecom Lan-wh300ndgpe Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2023-43757?

    CVE-2023-43757 has been classified as a high severity vulnerability due to the inadequate encryption strength allowing attackers to intercept wireless LAN communications.

  • How do I fix CVE-2023-43757?

    To fix CVE-2023-43757, update the firmware of your affected ELECOM or LOGITEC router to the latest version provided by the manufacturer.

  • Which devices are affected by CVE-2023-43757?

    CVE-2023-43757 affects multiple router models provided by ELECOM and LOGITEC, including models such as Wrc-2533ghbk2-t and Wrc-1750ghbk.

  • Can CVE-2023-43757 be exploited remotely?

    CVE-2023-43757 requires a network-adjacent attacker to exploit the vulnerability, meaning physical proximity to the vulnerable network is needed.

  • What impact does CVE-2023-43757 have on data security?

    CVE-2023-43757 allows attackers to potentially intercept unencrypted communications over the wireless LAN, compromising data integrity and confidentiality.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203