CVE-2023-43757

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-43757
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://jvn.jp/en/vu/JVNVU94119876/ Third Party Advisory
https://www.elecom.co.jp/news/security/20210706-01/ Third Party Advisory
https://www.elecom.co.jp/news/security/20230810-01/ Third Party Advisory
https://www.elecom.co.jp/news/security/20231114-01/ Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:elecom:wrc-2533ghbk2-t_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-2533ghbk2-t:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:elecom:wrc-2533ghbk-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-2533ghbk-i:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:elecom:wrc-1750ghbk2-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk2-i:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:elecom:wrc-1750ghbk-e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk-e:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:elecom:wrc-1750ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1750ghbk:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:elecom:wrc-1167ghbk2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1167ghbk2:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:elecom:wrc-1167ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-1167ghbk:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:elecom:wrc-f1167acf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-f1167acf:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:elecom:wrc-733ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:elecom:wrc-733ghbk-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk-i:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:elecom:wrc-733ghbk-c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733ghbk-c:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:elecom:wrc-300ghbk2-i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300ghbk2-i:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:elecom:wrc-300ghbk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300ghbk:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:elecom:wrc-733febk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733febk:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:elecom:wrc-300febk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300febk:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:elecom:wrc-f300nf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-f300nf:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh-h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh-h:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:elecom:wrh-300bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:elecom:wrh-300rd_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300rd:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:elecom:wrh-300sv_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300sv:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:elecom:wrh-300bk-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk-s:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh-s:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:elecom:wrh-300bk2-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk2-s:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh2-s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh2-s:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:elecom:wrh-h300bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300bk:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:elecom:wrh-h300wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300wh:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:elecom:wrh-150bk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-150bk:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:elecom:wrh-150wh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-150wh:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:elecom:lan-w300n\/rs_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w300n\/rs:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:elecom:lan-w301nr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w301nr:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:elecom:lan-w300n\/p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-w300n\/p:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:elecom:lan-wh300n\/dgp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-wh300n\/dgp:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:elecom:lan-wh300ndgpe_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:elecom:lan-wh300ndgpe:-:*:*:*:*:*:*:*
History

01 Dec 2023, 18:45

Type Values Removed Values Added
New CVE
Information

Published : 2023-11-16 07:15

Updated : 2024-02-05 00:22

NVD link : CVE-2023-43757

Mitre link : CVE-2023-43757

CVE.ORG link : CVE-2023-43757

JSON object : View

Products Affected

elecom

  • wrc-1750ghbk
  • wrh-300wh_firmware
  • wrc-1750ghbk-e_firmware
  • wrh-300wh2-s_firmware
  • wrc-733ghbk-c
  • wrh-300bk
  • wrh-150wh_firmware
  • wrh-300wh-s
  • lan-w300n\/p_firmware
  • lan-wh300ndgpe_firmware
  • wrh-h300wh
  • wrh-300wh
  • wrh-300wh-s_firmware
  • wrh-300bk-s_firmware
  • wrc-1167ghbk2
  • wrh-300bk2-s
  • lan-w301nr
  • wrc-733ghbk-c_firmware
  • wrh-150bk_firmware
  • wrc-f300nf
  • wrc-733ghbk_firmware
  • wrc-300ghbk
  • wrc-1167ghbk
  • wrh-300bk_firmware
  • wrc-1167ghbk2_firmware
  • wrc-733ghbk
  • lan-wh300ndgpe
  • wrc-300ghbk2-i
  • wrc-2533ghbk2-t_firmware
  • wrh-300sv
  • wrc-733ghbk-i
  • wrh-300sv_firmware
  • wrc-1750ghbk2-i
  • wrc-f1167acf_firmware
  • wrc-300febk_firmware
  • lan-w300n\/p
  • wrc-2533ghbk-i_firmware
  • wrc-733febk_firmware
  • wrc-733febk
  • wrc-f1167acf
  • lan-w300n\/rs
  • wrh-300rd
  • wrh-h300bk_firmware
  • wrh-300bk-s
  • wrc-1750ghbk_firmware
  • wrh-300wh-h
  • wrh-150wh
  • wrh-300wh2-s
  • wrc-300ghbk2-i_firmware
  • wrc-2533ghbk-i
  • wrh-300bk2-s_firmware
  • wrc-2533ghbk2-t
  • wrc-300ghbk_firmware
  • wrh-150bk
  • lan-wh300n\/dgp
  • wrc-733ghbk-i_firmware
  • lan-w301nr_firmware
  • wrc-1167ghbk_firmware
  • wrc-1750ghbk2-i_firmware
  • wrc-1750ghbk-e
  • lan-w300n\/rs_firmware
  • wrc-f300nf_firmware
  • wrh-300wh-h_firmware
  • wrc-300febk
  • lan-wh300n\/dgp_firmware
  • wrh-h300wh_firmware
  • wrh-300rd_firmware
  • wrh-h300bk
CWE
CWE-326

Inadequate Encryption Strength