Elecom Wrc-1167Ghbk3-A Firmware vulnerabilities
5 known vulnerabilities affecting elecom/wrc-1167ghbk3-a_firmware.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-37567P2CRITICALCVSS 9.8≤ 1.242023-07-13
CVE-2023-37567 [CRITICAL] CWE-77 CVE-2023-37567: Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a remote unauthent
Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a remote unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port of the web management page. Affected products and versions are as follows: WRC-1167GHBK3-A v1.24 and earlier, WRC-F1167ACF2 all versions, WRC-600
nvd
CVE-2023-37564P3HIGHCVSS 8.0≤ 1.242023-07-13
CVE-2023-37564 [HIGH] CWE-78 CVE-2023-37564: OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenti
OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary OS command with a root privilege by sending a specially crafted request. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and ea
nvd
CVE-2023-37566P3HIGHCVSS 8.0≤ 1.242023-07-13
CVE-2023-37566 [HIGH] CWE-77 CVE-2023-37566: Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a network-adjacent
Command injection vulnerability in ELECOM and LOGITEC wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary command by sending a specially crafted request to the web management page. Affected products and versions are as follows: WRC-1167GHBK3-A v1.24 and earlier, WRC-1167FEBK-A v1.18 and earlier, WRC-F1167ACF2 a
nvd
CVE-2023-37565P3HIGHCVSS 8.0≤ 1.242023-07-13
CVE-2023-37565 [HIGH] CWE-94 CVE-2023-37565: Code injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated
Code injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute arbitrary code by sending a specially crafted request. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earli
nvd
CVE-2023-37563P4MEDIUMCVSS 6.5≤ 1.242023-07-13
CVE-2023-37563 [MEDIUM] CWE-922 CVE-2023-37563: ELECOM wireless LAN routers are vulnerable to sensitive information exposure, which allows a network
ELECOM wireless LAN routers are vulnerable to sensitive information exposure, which allows a network-adjacent unauthorized attacker to obtain sensitive information. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earlier, WR
nvd