CVE-2023-43757
published 2023-11-16CVE-2023-43757: Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated…
PriorityP432medium6.5CVSS 3.1
AVAACLPRNUINSUCHINAN
EPSS
0.50%
38.8th percentile
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elecom_co_ltd | lan-w300n_p | — | — |
| elecom_co_ltd | lan-w300n_rs | — | — |
| elecom_co_ltd | lan-w301nr | — | — |
| elecom_co_ltd | lan-wh300n_dgp | — | — |
| elecom_co_ltd | lan-wh300ndgpe | — | — |
| elecom_co_ltd | wrc-1167ghbk | — | — |
| elecom_co_ltd | wrc-1167ghbk2 | — | — |
| elecom_co_ltd | wrc-1750ghbk | — | — |
| elecom_co_ltd | wrc-1750ghbk-e | — | — |
| elecom_co_ltd | wrc-1750ghbk2-i | — | — |
| elecom_co_ltd | wrc-2533ghbk-i | — | — |
| elecom_co_ltd | wrc-2533ghbk2-t | — | — |
| elecom_co_ltd | wrc-300febk | — | — |
| elecom_co_ltd | wrc-300ghbk | — | — |
| elecom_co_ltd | wrc-300ghbk2-i | — | — |
| elecom_co_ltd | wrc-733febk | — | — |
| elecom_co_ltd | wrc-733ghbk | — | — |
| elecom_co_ltd | wrc-733ghbk-c | — | — |
| elecom_co_ltd | wrc-733ghbk-i | — | — |
| elecom_co_ltd | wrc-f1167acf | — | — |
| elecom_co_ltd | wrc-f300nf | — | — |
| elecom_co_ltd | wrh-150bk | — | — |
| elecom_co_ltd | wrh-150wh | — | — |
| elecom_co_ltd | wrh-300bk | — | — |
| elecom_co_ltd | wrh-300bk-s | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://jvn.jp/en/vu/JVNVU94119876/https://www.elecom.co.jp/news/security/20210706-01/https://www.elecom.co.jp/news/security/20230810-01/https://www.elecom.co.jp/news/security/20231114-01/https://jvn.jp/en/vu/JVNVU94119876/https://www.elecom.co.jp/news/security/20210706-01/https://www.elecom.co.jp/news/security/20230810-01/https://www.elecom.co.jp/news/security/20231114-01/
2023-11-16
Published