Action not permitted
Modal body text goes here.
cve-2023-38576
Vulnerability from cvelistv5
Source | URL | Tags |
---|---|---|
vultures@jpcert.or.jp | https://jvn.jp/en/vu/JVNVU91630351/ | Third Party Advisory |
vultures@jpcert.or.jp | https://www.elecom.co.jp/news/security/20230810-01/ | Vendor Advisory |
Vendor | Product |
---|---|
LOGITEC CORPORATION | LAN-WH300N/RE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:46:56.360Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.elecom.co.jp/news/security/20230810-01/" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU91630351/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LAN-WH300N/RE", "vendor": "LOGITEC CORPORATION", "versions": [ { "status": "affected", "version": "all versions" } ] } ], "descriptions": [ { "lang": "en", "value": "Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console." } ], "problemTypes": [ { "descriptions": [ { "description": "Hidden Functionality", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-18T09:39:29.926Z", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://www.elecom.co.jp/news/security/20230810-01/" }, { "url": "https://jvn.jp/en/vu/JVNVU91630351/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2023-38576", "datePublished": "2023-08-18T09:39:29.926Z", "dateReserved": "2023-08-09T11:54:54.852Z", "dateUpdated": "2024-08-02T17:46:56.360Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-38576\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2023-08-18T10:15:11.427\",\"lastModified\":\"2023-08-24T18:26:00.547\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de funcionalidad oculta en LAN-WH300N/RE todas las versiones proporcionadas por LOGITEC CORPORATION permite a un usuario autenticado ejecutar comandos arbitrarios del sistema operativo en una determinada consola de gesti\u00f3n.\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.0,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.1,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:elecom:lan-wh300n\\\\/re_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A390ECFE-A202-4D3E-821C-F20F53A0AC04\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:elecom:lan-wh300n\\\\/re:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37E180DC-F324-4A49-88BC-72BF7A756FED\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/en/vu/JVNVU91630351/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.elecom.co.jp/news/security/20230810-01/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
cve-2023-38576
Vulnerability from jvndb
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002797.html", "dc:date": "2024-08-29T09:39+09:00", "dcterms:issued": "2023-08-15T11:54+09:00", "dcterms:modified": "2024-08-29T09:39+09:00", "description": "Multiple network devices provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below.\r\n\r\n * Hidden Functionality (CWE-912) - CVE-2023-32626, CVE-2023-35991, CVE-2023-39445\r\n * Telnet service access restriction failure (CWE-284) - CVE-2023-38132\r\n * Hidden Functionality (CWE-912) - CVE-2023-38576\r\n * Buffer overflow (CWE-120) - CVE-2023-39454\r\n * OS Command Injection (CWE-78) - CVE-2023-39455, CVE-2023-40072\r\n * OS Command Injection (CWE-78) - CVE-2023-39944, CVE-2023-40069\r\n\r\nChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.", "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002797.html", "sec:cpe": [ { "#text": "cpe:/a:elecom:wab-i1750-ps", "@product": "WAB-I1750-PS", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/a:elecom:wab-s1167-ps", "@product": "WAB-S1167-PS", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-m1775-ps_firmware", "@product": "WAB-M1775-PS firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-m2133_firmware", "@product": "WAB-M2133 firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-s1167_firmware", "@product": "WAB-S1167 firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-s1775_firmware", "@product": "WAB-S1775 firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-s300_firmware", "@product": "WAB-S300", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-s600-ps_firmware", "@product": "WAB-S600-PS", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1167ghbk2_firmware", "@product": "WRC-1167GHBK2 firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1467ghbk-a_firmware", "@product": "WRC-1467GHBK-A", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1467ghbk-s_firmware", "@product": "WRC-1467GHBK-S", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1750ghbk-e_firmware", "@product": "WRC-1750GHBK-E firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1750ghbk2-i_firmware", "@product": "WRC-1750GHBK2-I firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1750ghbk_firmware", "@product": "WRC-1750GHBK firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1900ghbk-a_firmware", "@product": "WRC-1900GHBK-A", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1900ghbk-s_firmware", "@product": "WRC-1900GHBK-S", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-600ghbk-a_firmware", "@product": "WRC-600GHBK-A", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-733febk2-a_firmware", "@product": "WRC-733FEBK2-A", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-f1167acf2_firmware", "@product": "WRC-F1167ACF2", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-f1167acf_firmware", "@product": "WRC-F1167ACF firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-x1800gs-b_firmware", "@product": "WRC-X1800GS-B", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-x1800gsa-b_firmware", "@product": "WRC-X1800GSA-B", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-x1800gsh-b_firmware", "@product": "WRC-X1800GSH-B", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w300n%2fdr_firmware", "@product": "LAN-W300N/DR", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w300n%2fpr5_firmware", "@product": "LAN-W300N/PR5", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w300n%2fp_firmware", "@product": "LAN-W300N/P firmware", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w300n%2frs_firmware", "@product": "LAN-W300N/RS firmware", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w451ngr_firmware", "@product": "LAN-W451NGR", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300an%2fdgp_firmware", "@product": "LAN-WH300AN/DGP", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300andgpe_firmware", "@product": "LAN-WH300ANDGPE", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300n%2fdgp_firmware", "@product": "LAN-WH300N/DGP firmware", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300n%2fdr_firmware", "@product": "LAN-WH300N/DR", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300n%2fre_firmware", "@product": "LAN-WH300N/RE", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh450n%2fgp_firmware", "@product": "LAN-WH450N/GP", "@vendor": "Logitec Corp.", "@version": "2.2" } ], "sec:cvss": [ { "@score": "5.8", "@severity": "Medium", "@type": "Base", "@vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "@version": "2.0" }, { "@score": "8.8", "@severity": "High", "@type": "Base", "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "@version": "3.0" } ], "sec:identifier": "JVNDB-2023-002797", "sec:references": [ { "#text": "http://jvn.jp/en/vu/JVNVU91630351/index.html", "@id": "JVNVU#91630351", "@source": "JVN" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32626", "@id": "CVE-2023-32626", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-35991", "@id": "CVE-2023-35991", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-38132", "@id": "CVE-2023-38132", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-38576", "@id": "CVE-2023-38576", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39445", "@id": "CVE-2023-39445", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39454", "@id": "CVE-2023-39454", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39455", "@id": "CVE-2023-39455", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39944", "@id": "CVE-2023-39944", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-40069", "@id": "CVE-2023-40069", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-40072", "@id": "CVE-2023-40072", "@source": "CVE" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32626", "@id": "CVE-2023-32626", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-35991", "@id": "CVE-2023-35991", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38132", "@id": "CVE-2023-38132", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38576", "@id": "CVE-2023-38576", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39445", "@id": "CVE-2023-39445", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39454", "@id": "CVE-2023-39454", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39455", "@id": "CVE-2023-39455", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39944", "@id": "CVE-2023-39944", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40069", "@id": "CVE-2023-40069", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40072", "@id": "CVE-2023-40072", "@source": "NVD" }, { "#text": "https://cwe.mitre.org/data/definitions/120.html", "@id": "CWE-120", "@title": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)(CWE-120)" }, { "#text": "https://cwe.mitre.org/data/definitions/284.html", "@id": "CWE-284", "@title": "Improper Access Control(CWE-284)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-78", "@title": "OS Command Injection(CWE-78)" }, { "#text": "https://cwe.mitre.org/data/definitions/912.html", "@id": "CWE-912", "@title": "Hidden Functionality(CWE-912)" } ], "title": "Multiple vulnerabilities in ELECOM and LOGITEC network devices" }
var-202308-2596
Vulnerability from variot
Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console. Network equipment provided by ELECOM Co., Ltd. and Logitech Co., Ltd. contains the following multiple vulnerabilities. * Unpublished features (CWE-912) - CVE-2023-32626 , CVE-2023-35991 , CVE-2023-39445 It was * Telnet Inadequate access restrictions to services (CWE-284) - CVE-2023-38132 It was * Unpublished features (CWE-912) - CVE-2023-38576 It was * buffer overflow (CWE-120) - CVE-2023-39454 It was * OS Command injection (CWE-78) - CVE-2023-39455 , CVE-2023-40072 It was * OS Command injection (CWE-78) - CVE-2023-39944 , CVE-2023-40069 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party with access to the product logs into a specific operation screen and performs arbitrary operations. OS Command is executed - CVE-2023-32626 , CVE-2023-35991 It was * by a third party who has access to the product; telnet logged into the service - CVE-2023-38132 It was * A third party who can log in to the product may perform arbitrary actions from a specific operation screen. OS Command is executed - CVE-2023-38576 It was * A third party with access to the product sends a specially crafted file to a specific operation screen and executes arbitrary code. - CVE-2023-39445 It was * Arbitrary code can be executed by a third party who has access to the product - CVE-2023-39454 It was * A third party who can log in to the product sends a specially crafted request and sends an arbitrary request. OS Command is executed - CVE-2023-39455 , CVE-2023-40072 It was * A third party with access to the product may send a specially crafted request to OS Command is executed - CVE-2023-39944 , CVE-2023-40069
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202308-2596", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "lan-wh300n\\/re", "scope": "eq", "trust": 1.0, "vendor": "elecom", "version": "*" }, { "model": "lan-w300n/dr", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1167ghbk2", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-w300n/rs", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300n/re", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1750ghbk-e", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1900ghbk-s", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-x1800gsa-b", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wab-s600-ps", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-733febk2-a", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-f1167acf", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-x1800gsh-b", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-600ghbk-a", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wab-s300", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1750ghbk2-i", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1467ghbk-s", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-w300n/p", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-w300n/pr5", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1900ghbk-a", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300an/dgp", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wab-m1775-ps", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wab-s1167", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1750ghbk", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh450n/gp", "scope": "eq", "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": "all s (cve-2023-35991)" }, { "model": "wab-s1775", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-x1800gs-b", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300n/dr", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300n/dgp", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300andgpe", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-f1167acf2", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1467ghbk-a", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-w451ngr", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-38576" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:elecom:lan-wh300n\\/re_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:elecom:lan-wh300n\\/re:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2023-38576" } ] }, "cve": "CVE-2023-38576", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.1, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 6.8, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2023-002797", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2023-38576", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2023-002797", "trust": 0.8, "value": "Medium" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-38576" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console. Network equipment provided by ELECOM Co., Ltd. and Logitech Co., Ltd. contains the following multiple vulnerabilities. * Unpublished features (CWE-912) - CVE-2023-32626 , CVE-2023-35991 , CVE-2023-39445 It was * Telnet Inadequate access restrictions to services (CWE-284) - CVE-2023-38132 It was * Unpublished features (CWE-912) - CVE-2023-38576 It was * buffer overflow (CWE-120) - CVE-2023-39454 It was * OS Command injection (CWE-78) - CVE-2023-39455 , CVE-2023-40072 It was * OS Command injection (CWE-78) - CVE-2023-39944 , CVE-2023-40069 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party with access to the product logs into a specific operation screen and performs arbitrary operations. OS Command is executed - CVE-2023-32626 , CVE-2023-35991 It was * by a third party who has access to the product; telnet logged into the service - CVE-2023-38132 It was * A third party who can log in to the product may perform arbitrary actions from a specific operation screen. OS Command is executed - CVE-2023-38576 It was * A third party with access to the product sends a specially crafted file to a specific operation screen and executes arbitrary code. - CVE-2023-39445 It was * Arbitrary code can be executed by a third party who has access to the product - CVE-2023-39454 It was * A third party who can log in to the product sends a specially crafted request and sends an arbitrary request. OS Command is executed - CVE-2023-39455 , CVE-2023-40072 It was * A third party with access to the product may send a specially crafted request to OS Command is executed - CVE-2023-39944 , CVE-2023-40069", "sources": [ { "db": "NVD", "id": "CVE-2023-38576" }, { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "VULMON", "id": "CVE-2023-38576" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "JVN", "id": "JVNVU91630351", "trust": 1.9 }, { "db": "NVD", "id": "CVE-2023-38576", "trust": 1.9 }, { "db": "JVNDB", "id": "JVNDB-2023-002797", "trust": 0.8 }, { "db": "VULMON", "id": "CVE-2023-38576", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-38576" }, { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-38576" } ] }, "id": "VAR-202308-2596", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.6666667 }, "last_update_date": "2024-01-24T22:29:00.949000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "wireless LAN Request for switching to alternative products for some network products such as routers ELECOM CO., LTD.", "trust": 0.8, "url": "https://www.elecom.co.jp/news/security/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "Classic buffer overflow (CWE-120) [ others ]", "trust": 0.8 }, { "problemtype": " Inappropriate access control (CWE-284) [ others ]", "trust": 0.8 }, { "problemtype": "OS Command injection (CWE-78) [ others ]", "trust": 0.8 }, { "problemtype": " Unpublished features (CWE-912) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-38576" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.1, "url": "https://jvn.jp/en/vu/jvnvu91630351/" }, { "trust": 1.1, "url": "https://www.elecom.co.jp/news/security/20230810-01/" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu91630351/index.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-38576" }, { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-38576" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-38576" }, { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-38576" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-08-18T00:00:00", "db": "VULMON", "id": "CVE-2023-38576" }, { "date": "2023-08-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "date": "2023-08-18T10:15:11.427000", "db": "NVD", "id": "CVE-2023-38576" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-08-18T00:00:00", "db": "VULMON", "id": "CVE-2023-38576" }, { "date": "2024-01-24T04:50:00", "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "date": "2023-08-24T18:26:00.547000", "db": "NVD", "id": "CVE-2023-38576" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities in ELECOM and Logitech network equipment", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" } ], "trust": 0.8 } }
gsd-2023-38576
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2023-38576", "id": "GSD-2023-38576" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-38576" ], "details": "Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console.", "id": "GSD-2023-38576", "modified": "2023-12-13T01:20:35.791394Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2023-38576", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LAN-WH300N/RE", "version": { "version_data": [ { "version_affected": "=", "version_value": "all versions" } ] } } ] }, "vendor_name": "LOGITEC CORPORATION" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Hidden Functionality" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.elecom.co.jp/news/security/20230810-01/", "refsource": "MISC", "url": "https://www.elecom.co.jp/news/security/20230810-01/" }, { "name": "https://jvn.jp/en/vu/JVNVU91630351/", "refsource": "MISC", "url": "https://jvn.jp/en/vu/JVNVU91630351/" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:elecom:lan-wh300n\\/re_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:elecom:lan-wh300n\\/re:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2023-38576" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ] }, "references": { "reference_data": [ { "name": "https://jvn.jp/en/vu/JVNVU91630351/", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://jvn.jp/en/vu/JVNVU91630351/" }, { "name": "https://www.elecom.co.jp/news/security/20230810-01/", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://www.elecom.co.jp/news/security/20230810-01/" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 5.9 } }, "lastModifiedDate": "2023-08-24T18:26Z", "publishedDate": "2023-08-18T10:15Z" } } }
ghsa-8gg3-87g6-9gj3
Vulnerability from github
Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console.
{ "affected": [], "aliases": [ "CVE-2023-38576" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-08-18T10:15:11Z", "severity": "HIGH" }, "details": "Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console.", "id": "GHSA-8gg3-87g6-9gj3", "modified": "2024-04-04T07:02:47Z", "published": "2023-08-18T12:30:14Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38576" }, { "type": "WEB", "url": "https://jvn.jp/en/vu/JVNVU91630351" }, { "type": "WEB", "url": "https://www.elecom.co.jp/news/security/20230810-01" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }