CVE-2023-39445

2023-08-1809:40:17

jpcert

www.cve.org

logitec

hidden functionality

vulnerability

unauthenticated

code execution

management console

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.3%

JSON

Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an unauthenticated attacker to execute arbitrary code by sending a specially crafted file to the product’s certain management console.

CNA Affected

[
  {
    "vendor": "LOGITEC CORPORATION",
    "product": "LAN-WH300N/RE",
    "versions": [
      {
        "version": "all versions",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/vu/JVNVU91630351/

www.elecom.co.jp/news/security/20230810-01/