Lucene search

[email protected]CVE-2023-39445

HistoryAug 18, 2023 - 10:15 a.m.

CVE-2023-39445

2023-08-1810:15:12

[email protected]

web.nvd.nist.gov

cve-2023-39445

hidden functionality

vulnerability

lan-wh300n/re

logitec corporation

unauthenticated

arbitrary code

management console

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.2%

JSON

Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an unauthenticated attacker to execute arbitrary code by sending a specially crafted file to the product’s certain management console.

Affected configurations

NVD

Node

elecomwrc-1467ghbk-a_firmware

AND

elecomwrc-1467ghbk-aMatch-

Node

elecomwrc-1467ghbk-s_firmware

AND

elecomwrc-1467ghbk-sMatch-

Node

elecomwrc-1900ghbk-a_firmware

AND

elecomwrc-1900ghbk-aMatch-

Node

elecomwrc-1900ghbk-s_firmware

AND

elecomwrc-1900ghbk-sMatch-

Node

elecomwrc-600ghbk-a_firmware

AND

elecomwrc-600ghbk-aMatch-

Node

elecomwrc-733febk2-a_firmware

AND

elecomwrc-733febk2-aMatch-

Node

elecomwrc-f1167acf2_firmware

AND

elecomwrc-f1167acf2Match-

CPENameOperatorVersion
elecom:wrc-1467ghbk-a_firmwareelecom wrc-1467ghbk-a firmwareeq*

CPE	Name	Operator	Version
elecom:wrc-1467ghbk-a_firmware	elecom wrc-1467ghbk-a firmware	eq	*

CNA Affected

[
  {
    "vendor": "LOGITEC CORPORATION",
    "product": "LAN-WH300N/RE",
    "versions": [
      {
        "version": "all versions",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/vu/JVNVU91630351/

www.elecom.co.jp/news/security/20230810-01/

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.2%

JSON

Related for CVE-2023-39445

nvd1 prion1 cvelist1