Action not permitted
Modal body text goes here.
cve-2023-39454
Vulnerability from cvelistv5
Source | URL | Tags |
---|---|---|
vultures@jpcert.or.jp | https://jvn.jp/en/vu/JVNVU91630351/ | Third Party Advisory |
vultures@jpcert.or.jp | https://www.elecom.co.jp/news/security/20230711-01/ | Vendor Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.682Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.elecom.co.jp/news/security/20230711-01/" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU91630351/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "WRC-X1800GS-B", "vendor": "ELECOM CO.,LTD.", "versions": [ { "status": "affected", "version": "v1.13 and earlier" } ] }, { "product": "WRC-X1800GSA-B", "vendor": "ELECOM CO.,LTD.", "versions": [ { "status": "affected", "version": "v1.13 and earlier" } ] }, { "product": "WRC-X1800GSH-B", "vendor": "ELECOM CO.,LTD.", "versions": [ { "status": "affected", "version": "v1.13 and earlier" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-18T09:41:14.665Z", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://www.elecom.co.jp/news/security/20230711-01/" }, { "url": "https://jvn.jp/en/vu/JVNVU91630351/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2023-39454", "datePublished": "2023-08-18T09:41:14.665Z", "dateReserved": "2023-08-09T11:55:02.234Z", "dateUpdated": "2024-08-02T18:10:20.682Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-39454\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2023-08-18T10:15:12.280\",\"lastModified\":\"2023-08-23T16:48:10.200\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de desbordamiento del b\u00fafer en WRC-X1800GS-B v1.13 y anteriores, WRC-X1800GSA-B v1.13 y anteriores, y WRC-X1800GSH-B v1.13 y anteriores permite a un atacante no autenticado ejecutar c\u00f3digo arbitrario.\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:elecom:wrc-x1800gs-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95667B22-5F8C-4774-9E69-2F4B9AF595AC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:elecom:wrc-x1800gs-b_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.13\",\"matchCriteriaId\":\"180230C8-AC98-43BA-8FB9-D32D75B5D004\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:elecom:wrc-x1800gsa-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3842FA46-4CA2-4ECE-8632-2C74E8D97CDB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:elecom:wrc-x1800gsa-b_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.13\",\"matchCriteriaId\":\"09B2B059-11E9-4D03-A162-B06E56649167\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:elecom:wrc-x1800gsh-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20EA8B33-784F-44E8-B215-DC2554709100\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:elecom:wrc-x1800gsh-b_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.13\",\"matchCriteriaId\":\"5DD8EAED-69F6-47ED-B521-E675AD501B38\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/en/vu/JVNVU91630351/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.elecom.co.jp/news/security/20230711-01/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
cve-2023-39454
Vulnerability from jvndb
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002797.html", "dc:date": "2024-08-29T09:39+09:00", "dcterms:issued": "2023-08-15T11:54+09:00", "dcterms:modified": "2024-08-29T09:39+09:00", "description": "Multiple network devices provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities listed below.\r\n\r\n * Hidden Functionality (CWE-912) - CVE-2023-32626, CVE-2023-35991, CVE-2023-39445\r\n * Telnet service access restriction failure (CWE-284) - CVE-2023-38132\r\n * Hidden Functionality (CWE-912) - CVE-2023-38576\r\n * Buffer overflow (CWE-120) - CVE-2023-39454\r\n * OS Command Injection (CWE-78) - CVE-2023-39455, CVE-2023-40072\r\n * OS Command Injection (CWE-78) - CVE-2023-39944, CVE-2023-40069\r\n\r\nChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.", "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002797.html", "sec:cpe": [ { "#text": "cpe:/a:elecom:wab-i1750-ps", "@product": "WAB-I1750-PS", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/a:elecom:wab-s1167-ps", "@product": "WAB-S1167-PS", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-m1775-ps_firmware", "@product": "WAB-M1775-PS firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-m2133_firmware", "@product": "WAB-M2133 firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-s1167_firmware", "@product": "WAB-S1167 firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-s1775_firmware", "@product": "WAB-S1775 firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-s300_firmware", "@product": "WAB-S300", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wab-s600-ps_firmware", "@product": "WAB-S600-PS", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1167ghbk2_firmware", "@product": "WRC-1167GHBK2 firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1467ghbk-a_firmware", "@product": "WRC-1467GHBK-A", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1467ghbk-s_firmware", "@product": "WRC-1467GHBK-S", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1750ghbk-e_firmware", "@product": "WRC-1750GHBK-E firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1750ghbk2-i_firmware", "@product": "WRC-1750GHBK2-I firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1750ghbk_firmware", "@product": "WRC-1750GHBK firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1900ghbk-a_firmware", "@product": "WRC-1900GHBK-A", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-1900ghbk-s_firmware", "@product": "WRC-1900GHBK-S", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-600ghbk-a_firmware", "@product": "WRC-600GHBK-A", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-733febk2-a_firmware", "@product": "WRC-733FEBK2-A", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-f1167acf2_firmware", "@product": "WRC-F1167ACF2", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-f1167acf_firmware", "@product": "WRC-F1167ACF firmware", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-x1800gs-b_firmware", "@product": "WRC-X1800GS-B", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-x1800gsa-b_firmware", "@product": "WRC-X1800GSA-B", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:elecom:wrc-x1800gsh-b_firmware", "@product": "WRC-X1800GSH-B", "@vendor": "ELECOM CO.,LTD.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w300n%2fdr_firmware", "@product": "LAN-W300N/DR", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w300n%2fpr5_firmware", "@product": "LAN-W300N/PR5", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w300n%2fp_firmware", "@product": "LAN-W300N/P firmware", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w300n%2frs_firmware", "@product": "LAN-W300N/RS firmware", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-w451ngr_firmware", "@product": "LAN-W451NGR", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300an%2fdgp_firmware", "@product": "LAN-WH300AN/DGP", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300andgpe_firmware", "@product": "LAN-WH300ANDGPE", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300n%2fdgp_firmware", "@product": "LAN-WH300N/DGP firmware", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300n%2fdr_firmware", "@product": "LAN-WH300N/DR", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh300n%2fre_firmware", "@product": "LAN-WH300N/RE", "@vendor": "Logitec Corp.", "@version": "2.2" }, { "#text": "cpe:/o:logitec:lan-wh450n%2fgp_firmware", "@product": "LAN-WH450N/GP", "@vendor": "Logitec Corp.", "@version": "2.2" } ], "sec:cvss": [ { "@score": "5.8", "@severity": "Medium", "@type": "Base", "@vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "@version": "2.0" }, { "@score": "8.8", "@severity": "High", "@type": "Base", "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "@version": "3.0" } ], "sec:identifier": "JVNDB-2023-002797", "sec:references": [ { "#text": "http://jvn.jp/en/vu/JVNVU91630351/index.html", "@id": "JVNVU#91630351", "@source": "JVN" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32626", "@id": "CVE-2023-32626", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-35991", "@id": "CVE-2023-35991", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-38132", "@id": "CVE-2023-38132", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-38576", "@id": "CVE-2023-38576", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39445", "@id": "CVE-2023-39445", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39454", "@id": "CVE-2023-39454", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39455", "@id": "CVE-2023-39455", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-39944", "@id": "CVE-2023-39944", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-40069", "@id": "CVE-2023-40069", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-40072", "@id": "CVE-2023-40072", "@source": "CVE" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32626", "@id": "CVE-2023-32626", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-35991", "@id": "CVE-2023-35991", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38132", "@id": "CVE-2023-38132", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38576", "@id": "CVE-2023-38576", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39445", "@id": "CVE-2023-39445", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39454", "@id": "CVE-2023-39454", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39455", "@id": "CVE-2023-39455", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-39944", "@id": "CVE-2023-39944", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40069", "@id": "CVE-2023-40069", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-40072", "@id": "CVE-2023-40072", "@source": "NVD" }, { "#text": "https://cwe.mitre.org/data/definitions/120.html", "@id": "CWE-120", "@title": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)(CWE-120)" }, { "#text": "https://cwe.mitre.org/data/definitions/284.html", "@id": "CWE-284", "@title": "Improper Access Control(CWE-284)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-78", "@title": "OS Command Injection(CWE-78)" }, { "#text": "https://cwe.mitre.org/data/definitions/912.html", "@id": "CWE-912", "@title": "Hidden Functionality(CWE-912)" } ], "title": "Multiple vulnerabilities in ELECOM and LOGITEC network devices" }
var-202308-2592
Vulnerability from variot
Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code. Network equipment provided by ELECOM Co., Ltd. and Logitech Co., Ltd. contains the following multiple vulnerabilities. * Unpublished features (CWE-912) - CVE-2023-32626 , CVE-2023-35991 , CVE-2023-39445 It was * Telnet Inadequate access restrictions to services (CWE-284) - CVE-2023-38132 It was * Unpublished features (CWE-912) - CVE-2023-38576 It was * buffer overflow (CWE-120) - CVE-2023-39454 It was * OS Command injection (CWE-78) - CVE-2023-39455 , CVE-2023-40072 It was * OS Command injection (CWE-78) - CVE-2023-39944 , CVE-2023-40069 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party with access to the product logs into a specific operation screen and performs arbitrary operations. OS Command is executed - CVE-2023-32626 , CVE-2023-35991 It was * by a third party who has access to the product; telnet logged into the service - CVE-2023-38132 It was * A third party who can log in to the product may perform arbitrary actions from a specific operation screen. OS Command is executed - CVE-2023-38576 It was * A third party with access to the product sends a specially crafted file to a specific operation screen and executes arbitrary code. - CVE-2023-39445 It was * Arbitrary code can be executed by a third party who has access to the product - CVE-2023-39454 It was * A third party who can log in to the product sends a specially crafted request and sends an arbitrary request. OS Command is executed - CVE-2023-39455 , CVE-2023-40072 It was * A third party with access to the product may send a specially crafted request to OS Command is executed - CVE-2023-39944 , CVE-2023-40069
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202308-2592", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "wrc-x1800gs-b", "scope": "lte", "trust": 1.0, "vendor": "elecom", "version": "1.13" }, { "model": "wrc-x1800gsh-b", "scope": "lte", "trust": 1.0, "vendor": "elecom", "version": "1.13" }, { "model": "wrc-x1800gsa-b", "scope": "lte", "trust": 1.0, "vendor": "elecom", "version": "1.13" }, { "model": "lan-w300n/dr", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1167ghbk2", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-w300n/rs", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300n/re", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1750ghbk-e", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1900ghbk-s", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-x1800gsa-b", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wab-s600-ps", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-733febk2-a", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-f1167acf", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-x1800gsh-b", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-600ghbk-a", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wab-s300", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1750ghbk2-i", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1467ghbk-s", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-w300n/p", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-w300n/pr5", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1900ghbk-a", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300an/dgp", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wab-m1775-ps", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wab-s1167", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1750ghbk", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh450n/gp", "scope": "eq", "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": "all s (cve-2023-35991)" }, { "model": "wab-s1775", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-x1800gs-b", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300n/dr", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300n/dgp", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-wh300andgpe", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-f1167acf2", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "wrc-1467ghbk-a", "scope": null, "trust": 0.8, "vendor": "\u30a8\u30ec\u30b3\u30e0\u682a\u5f0f\u4f1a\u793e", "version": null }, { "model": "lan-w451ngr", "scope": null, "trust": 0.8, "vendor": "\u30ed\u30b8\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-39454" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:elecom:wrc-x1800gs-b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.13", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:elecom:wrc-x1800gs-b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:elecom:wrc-x1800gsa-b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.13", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:elecom:wrc-x1800gsa-b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:elecom:wrc-x1800gsh-b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.13", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:elecom:wrc-x1800gsh-b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2023-39454" } ] }, "cve": "CVE-2023-39454", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2023-002797", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2023-39454", "trust": 1.0, "value": "CRITICAL" }, { "author": "OTHER", "id": "JVNDB-2023-002797", "trust": 0.8, "value": "High" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-39454" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code. Network equipment provided by ELECOM Co., Ltd. and Logitech Co., Ltd. contains the following multiple vulnerabilities. * Unpublished features (CWE-912) - CVE-2023-32626 , CVE-2023-35991 , CVE-2023-39445 It was * Telnet Inadequate access restrictions to services (CWE-284) - CVE-2023-38132 It was * Unpublished features (CWE-912) - CVE-2023-38576 It was * buffer overflow (CWE-120) - CVE-2023-39454 It was * OS Command injection (CWE-78) - CVE-2023-39455 , CVE-2023-40072 It was * OS Command injection (CWE-78) - CVE-2023-39944 , CVE-2023-40069 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Reporter : Zero Zero One Co., Ltd. Hayakawa Soraya MrThe expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party with access to the product logs into a specific operation screen and performs arbitrary operations. OS Command is executed - CVE-2023-32626 , CVE-2023-35991 It was * by a third party who has access to the product; telnet logged into the service - CVE-2023-38132 It was * A third party who can log in to the product may perform arbitrary actions from a specific operation screen. OS Command is executed - CVE-2023-38576 It was * A third party with access to the product sends a specially crafted file to a specific operation screen and executes arbitrary code. - CVE-2023-39445 It was * Arbitrary code can be executed by a third party who has access to the product - CVE-2023-39454 It was * A third party who can log in to the product sends a specially crafted request and sends an arbitrary request. OS Command is executed - CVE-2023-39455 , CVE-2023-40072 It was * A third party with access to the product may send a specially crafted request to OS Command is executed - CVE-2023-39944 , CVE-2023-40069", "sources": [ { "db": "NVD", "id": "CVE-2023-39454" }, { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "VULMON", "id": "CVE-2023-39454" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "JVN", "id": "JVNVU91630351", "trust": 1.9 }, { "db": "NVD", "id": "CVE-2023-39454", "trust": 1.9 }, { "db": "JVNDB", "id": "JVNDB-2023-002797", "trust": 0.8 }, { "db": "VULMON", "id": "CVE-2023-39454", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-39454" }, { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-39454" } ] }, "id": "VAR-202308-2592", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.6666667 }, "last_update_date": "2024-01-24T22:29:00.990000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "wireless LAN Request for switching to alternative products for some network products such as routers ELECOM CO., LTD.", "trust": 0.8, "url": "https://www.elecom.co.jp/news/security/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-120", "trust": 1.0 }, { "problemtype": "Classic buffer overflow (CWE-120) [ others ]", "trust": 0.8 }, { "problemtype": " Inappropriate access control (CWE-284) [ others ]", "trust": 0.8 }, { "problemtype": "OS Command injection (CWE-78) [ others ]", "trust": 0.8 }, { "problemtype": " Unpublished features (CWE-912) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-39454" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.1, "url": "https://www.elecom.co.jp/news/security/20230711-01/" }, { "trust": 1.1, "url": "https://jvn.jp/en/vu/jvnvu91630351/" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu91630351/index.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-39454" }, { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-39454" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-39454" }, { "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "db": "NVD", "id": "CVE-2023-39454" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-08-18T00:00:00", "db": "VULMON", "id": "CVE-2023-39454" }, { "date": "2023-08-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "date": "2023-08-18T10:15:12.280000", "db": "NVD", "id": "CVE-2023-39454" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-08-18T00:00:00", "db": "VULMON", "id": "CVE-2023-39454" }, { "date": "2024-01-24T04:50:00", "db": "JVNDB", "id": "JVNDB-2023-002797" }, { "date": "2023-08-23T16:48:10.200000", "db": "NVD", "id": "CVE-2023-39454" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities in ELECOM and Logitech network equipment", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-002797" } ], "trust": 0.8 } }
gsd-2023-39454
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2023-39454", "id": "GSD-2023-39454" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-39454" ], "details": "Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code.", "id": "GSD-2023-39454", "modified": "2023-12-13T01:20:33.701875Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2023-39454", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "WRC-X1800GS-B", "version": { "version_data": [ { "version_affected": "=", "version_value": "v1.13 and earlier" } ] } }, { "product_name": "WRC-X1800GSA-B", "version": { "version_data": [ { "version_affected": "=", "version_value": "v1.13 and earlier" } ] } }, { "product_name": "WRC-X1800GSH-B", "version": { "version_data": [ { "version_affected": "=", "version_value": "v1.13 and earlier" } ] } } ] }, "vendor_name": "ELECOM CO.,LTD." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.elecom.co.jp/news/security/20230711-01/", "refsource": "MISC", "url": "https://www.elecom.co.jp/news/security/20230711-01/" }, { "name": "https://jvn.jp/en/vu/JVNVU91630351/", "refsource": "MISC", "url": "https://jvn.jp/en/vu/JVNVU91630351/" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:elecom:wrc-x1800gs-b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.13", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:elecom:wrc-x1800gs-b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:elecom:wrc-x1800gsa-b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.13", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:elecom:wrc-x1800gsa-b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:elecom:wrc-x1800gsh-b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.13", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:elecom:wrc-x1800gsh-b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2023-39454" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-120" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.elecom.co.jp/news/security/20230711-01/", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://www.elecom.co.jp/news/security/20230711-01/" }, { "name": "https://jvn.jp/en/vu/JVNVU91630351/", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://jvn.jp/en/vu/JVNVU91630351/" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } }, "lastModifiedDate": "2023-08-23T16:48Z", "publishedDate": "2023-08-18T10:15Z" } } }
ghsa-j7fc-gchv-r7mc
Vulnerability from github
Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code.
{ "affected": [], "aliases": [ "CVE-2023-39454" ], "database_specific": { "cwe_ids": [ "CWE-120" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-08-18T10:15:12Z", "severity": "CRITICAL" }, "details": "Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code.", "id": "GHSA-j7fc-gchv-r7mc", "modified": "2024-04-04T07:02:55Z", "published": "2023-08-18T12:30:14Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39454" }, { "type": "WEB", "url": "https://jvn.jp/en/vu/JVNVU91630351" }, { "type": "WEB", "url": "https://www.elecom.co.jp/news/security/20230711-01" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }