CVE-2023-37563

Published Jul 13, 2023

Last updated 9 days ago

CVSS medium 6.5

Overview

Description: ELECOM wireless LAN routers are vulnerable to sensitive information exposure, which allows a network-adjacent unauthorized attacker to obtain sensitive information. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earlier, WRC-1167FEBK-A v1.18 and earlier, WRC-F1167ACF2 all versions, WRC-600GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-1467GHBK-A all versions, WRC-1467GHBK-S all versions, WRC-1900GHBK-A all versions, and WRC-1900GHBK-S all versions.
Source: vultures@jpcert.or.jp
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-922

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:elecom:wrc-1167ghbk-s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73FE02E7-2700-4C34-8DA7-F04040ABD427",
            "versionEndIncluding": "1.03"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:elecom:wrc-1167ghbk-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5EA23990-CAE0-4EDE-8355-530CB0D72288"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:elecom:wrc-1167gebk-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1840F3EA-A2F1-4E0D-A179-A0141BDA1760"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:elecom:wrc-1167gebk-s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D15FBA3F-C309-4B24-B4B0-FF271DC24681",
            "versionEndIncluding": "1.03"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:elecom:wrc-1167febk-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F7EF5A7C-3EEA-4592-A25C-E254DF703FFF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:elecom:wrc-1167febk-s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7200E9A-0713-461F-AD6D-03151D62F0B0",
            "versionEndIncluding": "1.04"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:elecom:wrc-1167ghbk3-a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C6248727-0D48-44DA-A44A-87FD71ECEDA6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:elecom:wrc-1167ghbk3-a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDA47F4E-73D6-4F96-8EF4-8896701F6990",
            "versionEndIncluding": "1.24"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:elecom:wrc-1167febk-a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9F6BA0C4-7C5C-4BF3-A268-4978590041E6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:elecom:wrc-1167febk-a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FA6AB13-9CBF-46A1-89E8-1D341E6FBE03",
            "versionEndIncluding": "1.18"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References