cbcvebase.
CVE-2023-43757
published 2023-11-16

CVE-2023-43757: Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated…

PriorityP432medium6.5CVSS 3.1
AVAACLPRNUINSUCHINAN
EPSS
0.50%
38.8th percentile
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

Affected

34 ranges· showing 25
VendorProductVersion rangeFixed in
elecom_co_ltdlan-w300n_p
elecom_co_ltdlan-w300n_rs
elecom_co_ltdlan-w301nr
elecom_co_ltdlan-wh300n_dgp
elecom_co_ltdlan-wh300ndgpe
elecom_co_ltdwrc-1167ghbk
elecom_co_ltdwrc-1167ghbk2
elecom_co_ltdwrc-1750ghbk
elecom_co_ltdwrc-1750ghbk-e
elecom_co_ltdwrc-1750ghbk2-i
elecom_co_ltdwrc-2533ghbk-i
elecom_co_ltdwrc-2533ghbk2-t
elecom_co_ltdwrc-300febk
elecom_co_ltdwrc-300ghbk
elecom_co_ltdwrc-300ghbk2-i
elecom_co_ltdwrc-733febk
elecom_co_ltdwrc-733ghbk
elecom_co_ltdwrc-733ghbk-c
elecom_co_ltdwrc-733ghbk-i
elecom_co_ltdwrc-f1167acf
elecom_co_ltdwrc-f300nf
elecom_co_ltdwrh-150bk
elecom_co_ltdwrh-150wh
elecom_co_ltdwrh-300bk
elecom_co_ltdwrh-300bk-s
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.