Japan Vulnerability Notes (jvn) - JVN:28412757
History: Jun 09, 2023 - 12:00 a.m.

JVN#28412757: Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT

2023-06-09 00:00:00
Japan Vulnerability Notes
jvn.jp
Tags: inaba denki sangyo, wi-fi ap unit, missing authentication, os command injection, cve-2023-31196, cve-2023-31198, cve-2023-28392, workaround, ac-pd-wapu, ac-pd-wapum, ac-wapu-300, ac-wapum-300

CVSS3: 7.5

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: NONE
  • Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.003 (Percentile: 68.4%)

Wi-Fi AP UNIT provided by Inaba Denki Sangyo Co., Ltd. contains multiple vulnerabilities listed below.

Missing authentication for critical function (CWE-306) - CVE-2023-31196

Version | Vector | Score
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | Base Score: 7.5
CVSS v2 | AV:N/AC:L/Au:N/C:P/I:N/A:N | Base Score: 5.0

OS command injection (CWE-78) - CVE-2023-31198

Version | Vector | Score
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | Base Score: 7.2
CVSS v2 | AV:N/AC:L/Au:S/C:P/I:P/A:P | Base Score: 6.5

OS command injection (CWE-78) - CVE-2023-28392

Version | Vector | Score
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | Base Score: 7.2
CVSS v2 | AV:N/AC:L/Au:S/C:P/I:P/A:P | Base Score: 6.5

Impact

  • A remote attacker may obtain sensitive information of the affected products - CVE-2023-31196
  • An arbitrary OS command may be executed if a remote authenticated attacker with an administrative privilege sends a specially crafted request - CVE-2023-31198
  • An arbitrary OS command may be executed by an authenticated user with the administrative privilege - CVE-2023-28392

Solution

Apply the workaround
The developer states that these products are no longer supported and therefore recommends that users apply the following workarounds to mitigate the impact of these vulnerabilities.

  • Change the initial configuration values
    • Change IP address
  • Change device operation settings
    • Prohibit access from WAN/Wireless interface (Only allow access through the front LAN port)
  • Change filtering configuration
    • Set the MAC address of the client to allow wireless connection
    • Configure VPN, IP filters, etc. to restrict connections from the client
  • Additional mitigation guidance/practices
    • Set up a firewall and run the product behind it
    • Do not access other websites while logged in to the setting page of the product
    • Close the web browser after finishing the operation in the setting page
    • Delete the password for the setting page saved in the web browser

Products Affected

  • AC-PD-WAPU v1.05_B04 and earlier
  • AC-PD-WAPUM v1.05_B04 and earlier
  • AC-PD-WAPU-P v1.05_B04P and earlier
  • AC-PD-WAPUM-P v1.05_B04P and earlier
  • AC-WAPU-300 v1.00_B07 and earlier
  • AC-WAPUM-300 v1.00_B07 and earlier
  • AC-WAPU-300-P v1.00_B07 and earlier
  • AC-WAPUM-300-P v1.00_B07 and earlier
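
To find which deployed units need the workarounds above, the affected list can be matched against an asset inventory. The following is an added example, not code from JVN or the developer; it assumes firmware strings have the form v<major>.<minor>_B<build> with an optional trailing "P" and that they order numerically, and the inventory rows are constructed.

```python
import re

# Highest affected firmware per model, copied from "Products Affected".
AFFECTED_MAX = {
    "AC-PD-WAPU": "v1.05_B04",
    "AC-PD-WAPUM": "v1.05_B04",
    "AC-PD-WAPU-P": "v1.05_B04P",
    "AC-PD-WAPUM-P": "v1.05_B04P",
    "AC-WAPU-300": "v1.00_B07",
    "AC-WAPUM-300": "v1.00_B07",
    "AC-WAPU-300-P": "v1.00_B07",
    "AC-WAPUM-300-P": "v1.00_B07",
}

# Assumed layout: v<major>.<minor>_B<build>, optional trailing "P".
_VERSION = re.compile(r"v?(\d+)\.(\d+)_B(\d+)P?", re.IGNORECASE)


def parse_version(text):
    """Return (major, minor, build), or None if the string does not fit."""
    m = _VERSION.fullmatch(text.strip())
    return tuple(int(g) for g in m.groups()) if m else None


def classify(model, firmware):
    """Classify one inventory row against the advisory's affected list."""
    limit = AFFECTED_MAX.get(model.strip().upper())
    if limit is None:
        return "model-not-listed"
    found = parse_version(firmware)
    if found is None:
        return "review"  # unreadable firmware string: check the unit by hand
    return "affected" if found <= parse_version(limit) else "newer-than-listed"


# Constructed inventory rows (model, firmware) for illustration only.
INVENTORY = [
    ("AC-PD-WAPU", "v1.05_B04"),
    ("ac-wapum-300-p", "v1.00_B03"),
    ("AC-PD-WAPUM-P", "v1.06_B01P"),
    ("AC-WAPU-300", "unknown"),
    ("OTHER-AP-1", "v2.00_B01"),
]

if __name__ == "__main__":
    for model, firmware in INVENTORY:
        print(f"{model:16} {firmware:12} {classify(model, firmware)}")
```

Rows reported as "review" should be treated as affected until the firmware version is confirmed on the device.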
