Lucene search

[email protected]NVD:CVE-2023-37561

HistoryJul 13, 2023 - 2:15 a.m.

CVE-2023-37561

2023-07-1302:15:09

CWE-601

[email protected]

web.nvd.nist.gov

vulnerability

open redirect

elecom

wireless lan routers

wireless lan repeaters

remote unauthenticated attacker

phishing attacks

url

affected products

versions

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

42.7%

JSON

Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. Affected products and versions are as follows: WRH-300WH-H v2.12 and earlier, WTC-300HWH v1.09 and earlier, WTC-C1167GC-B v1.17 and earlier, and WTC-C1167GC-W v1.17 and earlier.

Affected configurations

Nvd

Node

elecomwrh-300wh-hMatch-

AND

elecomwrh-300wh-h_firmwareRange≤2.12

Node

elecomwtc-300hwhMatch-

AND

elecomwtc-300hwh_firmwareRange≤1.09

Node

elecomwtc-c1167gc-bMatch-

AND

elecomwtc-c1167gc-b_firmwareRange≤1.17

Node

elecomwtc-c1167gc-wMatch-

AND

elecomwtc-c1167gc-w_firmwareRange≤1.17

VendorProductVersionCPE
elecomwrh-300wh-h-cpe:2.3:h:elecom:wrh-300wh-h:-:*:*:*:*:*:*:*
elecomwrh-300wh-h_firmware*cpe:2.3:o:elecom:wrh-300wh-h_firmware:*:*:*:*:*:*:*:*
elecomwtc-300hwh-cpe:2.3:h:elecom:wtc-300hwh:-:*:*:*:*:*:*:*
elecomwtc-300hwh_firmware*cpe:2.3:o:elecom:wtc-300hwh_firmware:*:*:*:*:*:*:*:*
elecomwtc-c1167gc-b-cpe:2.3:h:elecom:wtc-c1167gc-b:-:*:*:*:*:*:*:*
elecomwtc-c1167gc-b_firmware*cpe:2.3:o:elecom:wtc-c1167gc-b_firmware:*:*:*:*:*:*:*:*
elecomwtc-c1167gc-w-cpe:2.3:h:elecom:wtc-c1167gc-w:-:*:*:*:*:*:*:*
elecomwtc-c1167gc-w_firmware*cpe:2.3:o:elecom:wtc-c1167gc-w_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
elecom	wrh-300wh-h	-	cpe:2.3:h:elecom:wrh-300wh-h:-:::::::*
elecom	wrh-300wh-h_firmware	*	cpe:2.3:o:elecom:wrh-300wh-h_firmware::::::::
elecom	wtc-300hwh	-	cpe:2.3:h:elecom:wtc-300hwh:-:::::::*
elecom	wtc-300hwh_firmware	*	cpe:2.3:o:elecom:wtc-300hwh_firmware::::::::
elecom	wtc-c1167gc-b	-	cpe:2.3:h:elecom:wtc-c1167gc-b:-:::::::*
elecom	wtc-c1167gc-b_firmware	*	cpe:2.3:o:elecom:wtc-c1167gc-b_firmware::::::::
elecom	wtc-c1167gc-w	-	cpe:2.3:h:elecom:wtc-c1167gc-w:-:::::::*
elecom	wtc-c1167gc-w_firmware	*	cpe:2.3:o:elecom:wtc-c1167gc-w_firmware::::::::