CVE-2023-43757

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-43757
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://jvn.jp/en/vu/JVNVU94119876/ Third Party Advisory
https://www.elecom.co.jp/news/security/20210706-01/ Third Party Advisory
https://www.elecom.co.jp/news/security/20230810-01/ Third Party Advisory
https://www.elecom.co.jp/news/security/20231114-01/ Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:elecom:wrc-2533ghbk2-t_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-2533ghbk2-t:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:elecom:wrc-2533ghbk-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-2533ghbk-i:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:elecom:wrc-1750ghbk2-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk2-i:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:elecom:wrc-1750ghbk-e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk-e:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:elecom:wrc-1750ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:elecom:wrc-1167ghbk2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1167ghbk2:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:elecom:wrc-1167ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1167ghbk:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:elecom:wrc-f1167acf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-f1167acf:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:elecom:wrc-733ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:elecom:wrc-733ghbk-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk-i:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:elecom:wrc-733ghbk-c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk-c:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:elecom:wrc-300ghbk2-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300ghbk2-i:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:elecom:wrc-300ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300ghbk:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:elecom:wrc-733febk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733febk:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:elecom:wrc-300febk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300febk:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:elecom:wrc-f300nf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-f300nf:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh-h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh-h:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:elecom:wrh-300bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:elecom:wrh-300rd_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300rd:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:elecom:wrh-300sv_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300sv:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:elecom:wrh-300bk-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk-s:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh-s:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:elecom:wrh-300bk2-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk2-s:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh2-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh2-s:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:elecom:wrh-h300bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300bk:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:elecom:wrh-h300wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300wh:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:elecom:wrh-150bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-150bk:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:elecom:wrh-150wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-150wh:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:elecom:lan-w300n\/rs_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w300n\/rs:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:elecom:lan-w301nr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w301nr:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:elecom:lan-w300n\/p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w300n\/p:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:elecom:lan-wh300n\/dgp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-wh300n\/dgp:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:elecom:lan-wh300ndgpe_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-wh300ndgpe:-:*:*:*:*:*:*:*
History

01 Dec 2023, 18:45

Type Values Removed Values Added
First Time Elecom wrc-733ghbk-i
Elecom lan-w301nr
Elecom wrh-300sv
Elecom wrh-300wh-s Firmware
Elecom wrh-300wh2-s
Elecom wrh-300bk2-s
Elecom wrh-300wh-s
Elecom wrh-300rd
Elecom lan-wh300ndgpe Firmware
Elecom wrc-2533ghbk-i Firmware
Elecom wrc-733ghbk-c Firmware
Elecom wrh-300wh-h
Elecom wrh-h300wh
Elecom wrh-150wh Firmware
Elecom
Elecom wrc-733febk
Elecom wrh-300bk-s
Elecom wrh-150bk
Elecom wrc-1167ghbk
Elecom wrc-2533ghbk2-t
Elecom wrc-f1167acf Firmware
Elecom wrc-733ghbk
Elecom wrc-300febk Firmware
Elecom wrc-f1167acf
Elecom wrc-2533ghbk2-t Firmware
Elecom wrc-1750ghbk2-i Firmware
Elecom wrc-2533ghbk-i
Elecom wrc-1167ghbk Firmware
Elecom wrh-150bk Firmware
Elecom wrh-h300bk
Elecom wrh-300bk Firmware
Elecom wrh-300sv Firmware
Elecom wrh-300wh-h Firmware
Elecom wrh-300wh2-s Firmware
Elecom wrh-300bk
Elecom wrh-300wh
Elecom lan-w300n\/rs Firmware
Elecom lan-wh300n\/dgp
Elecom wrh-300bk-s Firmware
Elecom lan-w300n\/rs
Elecom wrc-300ghbk2-i Firmware
Elecom wrc-1750ghbk2-i
Elecom wrc-f300nf
Elecom wrc-300ghbk Firmware
Elecom lan-wh300n\/dgp Firmware
Elecom wrc-f300nf Firmware
Elecom lan-w300n\/p Firmware
Elecom wrh-h300wh Firmware
Elecom wrc-1167ghbk2
Elecom wrc-300febk
Elecom wrh-300rd Firmware
Elecom wrh-h300bk Firmware
Elecom wrh-300bk2-s Firmware
Elecom wrc-1167ghbk2 Firmware
Elecom wrc-1750ghbk
Elecom wrh-150wh
Elecom lan-w300n\/p
Elecom wrc-1750ghbk-e Firmware
Elecom lan-wh300ndgpe
Elecom lan-w301nr Firmware
Elecom wrc-733febk Firmware
Elecom wrc-733ghbk-c
Elecom wrc-733ghbk-i Firmware
Elecom wrc-1750ghbk Firmware
Elecom wrh-300wh Firmware
Elecom wrc-300ghbk
Elecom wrc-300ghbk2-i
Elecom wrc-1750ghbk-e
Elecom wrc-733ghbk Firmware
CWE CWE-326
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5
CPE cpe:2.3:h:elecom:wrc-1167ghbk:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-1167ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-300wh-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-wh300n\/dgp:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300rd:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh2-s:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-300bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300bk:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-1750ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300wh:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-f300nf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-733ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-300wh-h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-300ghbk2-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh-s:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk-s:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk-e:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-733febk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-300ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-f1167acf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-2533ghbk2-t:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-f300nf:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-h300bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-f1167acf:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733febk:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk-c:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-733ghbk-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:lan-w300n\/rs_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-1167ghbk2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-150wh:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-2533ghbk-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk-i:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:lan-w300n\/p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300ghbk2-i:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-300sv_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-150wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-1750ghbk2-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w300n\/rs:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-300bk2-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-300wh2-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh-h:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-wh300ndgpe:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-2533ghbk-i:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-300wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk2-s:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk2-i:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-733ghbk-c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w301nr:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-150bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300sv:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w300n\/p:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-300bk-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:lan-wh300ndgpe_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-1750ghbk-e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-300febk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:lan-wh300n\/dgp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300febk:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300ghbk:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrc-2533ghbk2-t_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:lan-w301nr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-150bk:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-300rd_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wrh-h300wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1167ghbk2:-:*:*:*:*:*:*:*
References () https://jvn.jp/en/vu/JVNVU94119876/ - () https://jvn.jp/en/vu/JVNVU94119876/ - Third Party Advisory
References () https://www.elecom.co.jp/news/security/20210706-01/ - () https://www.elecom.co.jp/news/security/20210706-01/ - Third Party Advisory
References () https://www.elecom.co.jp/news/security/20230810-01/ - () https://www.elecom.co.jp/news/security/20230810-01/ - Third Party Advisory
References () https://www.elecom.co.jp/news/security/20231114-01/ - () https://www.elecom.co.jp/news/security/20231114-01/ - Third Party Advisory

16 Nov 2023, 07:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-11-16 07:15

Updated : 2023-12-10 15:26

NVD link : CVE-2023-43757

Mitre link : CVE-2023-43757

CVE.ORG link : CVE-2023-43757

JSON object : View

Products Affected

elecom

  • wrh-300wh-s_firmware
  • wrc-2533ghbk-i
  • wrc-1167ghbk_firmware
  • wrc-733ghbk_firmware
  • lan-w300n\/p_firmware
  • wrc-733febk_firmware
  • wrh-300bk_firmware
  • wrh-300sv
  • lan-w300n\/p
  • wrh-150bk_firmware
  • wrh-h300bk_firmware
  • wrc-1750ghbk-e
  • lan-wh300ndgpe_firmware
  • lan-w301nr_firmware
  • wrh-300rd
  • wrc-1750ghbk
  • wrh-300wh2-s_firmware
  • wrh-300wh-h
  • wrc-733ghbk-i_firmware
  • wrc-2533ghbk2-t
  • lan-w300n\/rs
  • wrh-300wh2-s
  • wrc-2533ghbk-i_firmware
  • wrc-f300nf_firmware
  • wrc-300ghbk2-i
  • wrc-733febk
  • wrh-h300bk
  • wrh-300sv_firmware
  • wrc-f1167acf
  • wrh-300bk2-s_firmware
  • wrc-300febk
  • wrh-150wh
  • wrh-h300wh_firmware
  • wrh-300bk-s
  • wrh-300bk2-s
  • wrc-1750ghbk2-i
  • wrh-300rd_firmware
  • wrc-1167ghbk
  • wrh-h300wh
  • wrc-2533ghbk2-t_firmware
  • wrh-150bk
  • wrh-300wh_firmware
  • wrc-300ghbk_firmware
  • wrh-300wh
  • wrh-300wh-s
  • wrc-300ghbk
  • wrc-f1167acf_firmware
  • wrh-300bk-s_firmware
  • wrc-733ghbk-c
  • wrc-300ghbk2-i_firmware
  • wrc-1750ghbk-e_firmware
  • wrh-300bk
  • lan-wh300ndgpe
  • wrc-f300nf
  • wrc-733ghbk
  • wrc-1167ghbk2
  • wrc-733ghbk-c_firmware
  • wrh-150wh_firmware
  • lan-w300n\/rs_firmware
  • lan-wh300n\/dgp_firmware
  • lan-w301nr
  • wrh-300wh-h_firmware
  • lan-wh300n\/dgp
  • wrc-1750ghbk2-i_firmware
  • wrc-1167ghbk2_firmware
  • wrc-733ghbk-i
  • wrc-300febk_firmware
  • wrc-1750ghbk_firmware
CWE
CWE-326

Inadequate Encryption Strength