CVE-2023-43757 - Vulnerability Details

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00044.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

ELECOM CO.,LTD.

WRC-2533GHBK2-T

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-2533GHBK-I

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-1750GHBK2-I

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-1750GHBK-E

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-1750GHBK

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-1167GHBK2

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-1167GHBK

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-F1167ACF

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-733GHBK

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-733GHBK-I

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-733GHBK-C

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-300GHBK2-I

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-300GHBK

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-733FEBK

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-300FEBK

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRC-F300NF

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-300WH-H

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-300BK

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-300WH

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-300RD

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-300SV

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-300BK-S

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-300WH-S

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-300BK2-S

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-300WH2-S

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-H300BK

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-H300WH

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-150BK

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

WRH-150WH

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

LAN-W300N/RS

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

LAN-W301NR

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

LAN-W300N/P

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

LAN-WH300N/DGP

affected

Version	Status	Constraints
`all versions`	affected	—

ELECOM CO.,LTD.

LAN-WH300NDGPE

affected

Version	Status	Constraints
`all versions`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:elecom:wrc-2533ghbk2-t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-2533ghbk2-t:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:elecom:wrc-2533ghbk-i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-2533ghbk-i:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:elecom:wrc-1750ghbk2-i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-1750ghbk2-i:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:elecom:wrc-1750ghbk-e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-1750ghbk-e:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:elecom:wrc-1750ghbk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-1750ghbk:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:elecom:wrc-1167ghbk2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-1167ghbk2:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:elecom:wrc-1167ghbk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-1167ghbk:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:elecom:wrc-f1167acf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-f1167acf:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:elecom:wrc-733ghbk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-733ghbk:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:elecom:wrc-733ghbk-i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-733ghbk-i:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:elecom:wrc-733ghbk-c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-733ghbk-c:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:elecom:wrc-300ghbk2-i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-300ghbk2-i:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:elecom:wrc-300ghbk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-300ghbk:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:elecom:wrc-733febk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-733febk:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:elecom:wrc-300febk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-300febk:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:elecom:wrc-f300nf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrc-f300nf:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:elecom:wrh-300wh-h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-300wh-h:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:elecom:wrh-300bk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-300bk:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:elecom:wrh-300wh_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-300wh:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:elecom:wrh-300rd_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-300rd:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:elecom:wrh-300sv_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-300sv:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:elecom:wrh-300bk-s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-300bk-s:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:elecom:wrh-300wh-s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-300wh-s:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:elecom:wrh-300bk2-s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-300bk2-s:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:elecom:wrh-300wh2-s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-300wh2-s:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:elecom:wrh-h300bk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-h300bk:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:elecom:wrh-h300wh_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-h300wh:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:elecom:wrh-150bk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-150bk:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:elecom:wrh-150wh_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wrh-150wh:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:elecom:lan-w300n\/rs_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:lan-w300n\/rs:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:elecom:lan-w301nr_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:lan-w301nr:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:elecom:lan-w300n\/p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:lan-w300n\/p:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:elecom:lan-wh300n\/dgp_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:lan-wh300n\/dgp:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:elecom:lan-wh300ndgpe_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:lan-wh300ndgpe:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Elecom Subscribe	Lan-w300n\/p Subscribe Lan-w300n\/p Firmware Subscribe Lan-w300n\/rs Subscribe Lan-w300n\/rs Firmware Subscribe Lan-w301nr Subscribe Lan-w301nr Firmware Subscribe Lan-wh300n\/dgp Subscribe Lan-wh300n\/dgp Firmware Subscribe Lan-wh300ndgpe Subscribe Lan-wh300ndgpe Firmware Subscribe Wrc-1167ghbk Subscribe Wrc-1167ghbk2 Subscribe Wrc-1167ghbk2 Firmware Subscribe Wrc-1167ghbk Firmware Subscribe Wrc-1750ghbk Subscribe Wrc-1750ghbk-e Subscribe Wrc-1750ghbk-e Firmware Subscribe Wrc-1750ghbk2-i Subscribe Wrc-1750ghbk2-i Firmware Subscribe Wrc-1750ghbk Firmware Subscribe Wrc-2533ghbk-i Subscribe Wrc-2533ghbk-i Firmware Subscribe Wrc-2533ghbk2-t Subscribe Wrc-2533ghbk2-t Firmware Subscribe Wrc-300febk Subscribe Wrc-300febk Firmware Subscribe Wrc-300ghbk Subscribe Wrc-300ghbk2-i Subscribe Wrc-300ghbk2-i Firmware Subscribe Wrc-300ghbk Firmware Subscribe Wrc-733febk Subscribe Wrc-733febk Firmware Subscribe Wrc-733ghbk Subscribe Wrc-733ghbk-c Subscribe Wrc-733ghbk-c Firmware Subscribe Wrc-733ghbk-i Subscribe Wrc-733ghbk-i Firmware Subscribe Wrc-733ghbk Firmware Subscribe Wrc-f1167acf Subscribe Wrc-f1167acf Firmware Subscribe Wrc-f300nf Subscribe Wrc-f300nf Firmware Subscribe Wrh-150bk Subscribe Wrh-150bk Firmware Subscribe Wrh-150wh Subscribe Wrh-150wh Firmware Subscribe Wrh-300bk Subscribe Wrh-300bk-s Subscribe Wrh-300bk-s Firmware Subscribe Wrh-300bk2-s Subscribe Wrh-300bk2-s Firmware Subscribe Wrh-300bk Firmware Subscribe Wrh-300rd Subscribe Wrh-300rd Firmware Subscribe Wrh-300sv Subscribe Wrh-300sv Firmware Subscribe Wrh-300wh Subscribe Wrh-300wh-h Subscribe Wrh-300wh-h Firmware Subscribe Wrh-300wh-s Subscribe Wrh-300wh-s Firmware Subscribe Wrh-300wh2-s Subscribe Wrh-300wh2-s Firmware Subscribe Wrh-300wh Firmware Subscribe Wrh-h300bk Subscribe Wrh-h300bk Firmware Subscribe Wrh-h300wh Subscribe Wrh-h300wh Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2023-48134	Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU94119876/
https://www.elecom.co.jp/news/security/20210706-01/
https://www.elecom.co.jp/news/security/20230810-01/
https://www.elecom.co.jp/news/security/20231114-01/

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2023-11-16T06:21:13.445Z

Updated: 2024-08-02T19:52:10.967Z

Reserved: 2023-10-31T07:10:40.728Z

Link: CVE-2023-43757

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-11-16T07:15:08.600

Modified: 2024-11-21T08:24:43.627

Link: CVE-2023-43757

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-326

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object