Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

Metrics

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00044.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Elecom Subscribe
Lan-w300n\/p Subscribe
Lan-w300n\/p Firmware Subscribe
Lan-w300n\/rs Subscribe
Lan-w300n\/rs Firmware Subscribe
Lan-w301nr Subscribe
Lan-w301nr Firmware Subscribe
Lan-wh300n\/dgp Subscribe
Lan-wh300n\/dgp Firmware Subscribe
Lan-wh300ndgpe Subscribe
Lan-wh300ndgpe Firmware Subscribe
Wrc-1167ghbk Subscribe
Wrc-1167ghbk2 Subscribe
Wrc-1167ghbk2 Firmware Subscribe
Wrc-1167ghbk Firmware Subscribe
Wrc-1750ghbk Subscribe
Wrc-1750ghbk-e Subscribe
Wrc-1750ghbk-e Firmware Subscribe
Wrc-1750ghbk2-i Subscribe
Wrc-1750ghbk2-i Firmware Subscribe
Wrc-1750ghbk Firmware Subscribe
Wrc-2533ghbk-i Subscribe
Wrc-2533ghbk-i Firmware Subscribe
Wrc-2533ghbk2-t Subscribe
Wrc-2533ghbk2-t Firmware Subscribe
Wrc-300febk Subscribe
Wrc-300febk Firmware Subscribe
Wrc-300ghbk Subscribe
Wrc-300ghbk2-i Subscribe
Wrc-300ghbk2-i Firmware Subscribe
Wrc-300ghbk Firmware Subscribe
Wrc-733febk Subscribe
Wrc-733febk Firmware Subscribe
Wrc-733ghbk Subscribe
Wrc-733ghbk-c Subscribe
Wrc-733ghbk-c Firmware Subscribe
Wrc-733ghbk-i Subscribe
Wrc-733ghbk-i Firmware Subscribe
Wrc-733ghbk Firmware Subscribe
Wrc-f1167acf Subscribe
Wrc-f1167acf Firmware Subscribe
Wrc-f300nf Subscribe
Wrc-f300nf Firmware Subscribe
Wrh-150bk Subscribe
Wrh-150bk Firmware Subscribe
Wrh-150wh Subscribe
Wrh-150wh Firmware Subscribe
Wrh-300bk Subscribe
Wrh-300bk-s Subscribe
Wrh-300bk-s Firmware Subscribe
Wrh-300bk2-s Subscribe
Wrh-300bk2-s Firmware Subscribe
Wrh-300bk Firmware Subscribe
Wrh-300rd Subscribe
Wrh-300rd Firmware Subscribe
Wrh-300sv Subscribe
Wrh-300sv Firmware Subscribe
Wrh-300wh Subscribe
Wrh-300wh-h Subscribe
Wrh-300wh-h Firmware Subscribe
Wrh-300wh-s Subscribe
Wrh-300wh-s Firmware Subscribe
Wrh-300wh2-s Subscribe
Wrh-300wh2-s Firmware Subscribe
Wrh-300wh Firmware Subscribe
Wrh-h300bk Subscribe
Wrh-h300bk Firmware Subscribe
Wrh-h300wh Subscribe
Wrh-h300wh Firmware Subscribe

Configuration 1 [-]

AND
cpe:2.3:o:elecom:wrc-2533ghbk2-t_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-2533ghbk2-t:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:elecom:wrc-2533ghbk-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-2533ghbk-i:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:elecom:wrc-1750ghbk2-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk2-i:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:elecom:wrc-1750ghbk-e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk-e:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:elecom:wrc-1750ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:elecom:wrc-1167ghbk2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1167ghbk2:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:elecom:wrc-1167ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1167ghbk:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:elecom:wrc-f1167acf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-f1167acf:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:elecom:wrc-733ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:elecom:wrc-733ghbk-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk-i:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:elecom:wrc-733ghbk-c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk-c:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:elecom:wrc-300ghbk2-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300ghbk2-i:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:elecom:wrc-300ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300ghbk:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:elecom:wrc-733febk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733febk:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:elecom:wrc-300febk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300febk:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:elecom:wrc-f300nf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-f300nf:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:elecom:wrh-300wh-h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh-h:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:elecom:wrh-300bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:elecom:wrh-300wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:elecom:wrh-300rd_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300rd:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:elecom:wrh-300sv_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300sv:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:elecom:wrh-300bk-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk-s:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:elecom:wrh-300wh-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh-s:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:elecom:wrh-300bk2-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk2-s:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:elecom:wrh-300wh2-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh2-s:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:elecom:wrh-h300bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300bk:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:elecom:wrh-h300wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300wh:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:elecom:wrh-150bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-150bk:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:elecom:wrh-150wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-150wh:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:elecom:lan-w300n\/rs_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w300n\/rs:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND
cpe:2.3:o:elecom:lan-w301nr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w301nr:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND
cpe:2.3:o:elecom:lan-w300n\/p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w300n\/p:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND
cpe:2.3:o:elecom:lan-wh300n\/dgp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-wh300n\/dgp:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND
cpe:2.3:o:elecom:lan-wh300ndgpe_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-wh300ndgpe:-:*:*:*:*:*:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-48134 Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://jvn.jp/en/vu/JVNVU94119876/ cve-icon cve-icon
https://www.elecom.co.jp/news/security/20210706-01/ cve-icon cve-icon
https://www.elecom.co.jp/news/security/20230810-01/ cve-icon cve-icon
https://www.elecom.co.jp/news/security/20231114-01/ cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2024-08-02T19:52:10.967Z

Reserved: 2023-10-31T07:10:40.728Z

Link: CVE-2023-43757

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-16T07:15:08.600

Modified: 2024-11-21T08:24:43.627

Link: CVE-2023-43757

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses