CVE-2023-43757

CVE-2023-43757

EPSS 0.5%

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

Productos afectados

ELECOM CO.,LTD. · LAN-W300N/P ELECOM CO.,LTD. · LAN-W300N/RS ELECOM CO.,LTD. · LAN-W301NR ELECOM CO.,LTD. · LAN-WH300N/DGP ELECOM CO.,LTD. · LAN-WH300NDGPE ELECOM CO.,LTD. · WRC-1167GHBK ELECOM CO.,LTD. · WRC-1167GHBK2 ELECOM CO.,LTD. · WRC-1750GHBK ELECOM CO.,LTD. · WRC-1750GHBK2-I ELECOM CO.,LTD. · WRC-1750GHBK-E ELECOM CO.,LTD. · WRC-2533GHBK2-T ELECOM CO.,LTD. · WRC-2533GHBK-I ELECOM CO.,LTD. · WRC-300FEBK ELECOM CO.,LTD. · WRC-300GHBK ELECOM CO.,LTD. · WRC-300GHBK2-I ELECOM CO.,LTD. · WRC-733FEBK ELECOM CO.,LTD. · WRC-733GHBK ELECOM CO.,LTD. · WRC-733GHBK-C ELECOM CO.,LTD. · WRC-733GHBK-I ELECOM CO.,LTD. · WRC-F1167ACF ELECOM CO.,LTD. · WRC-F300NF ELECOM CO.,LTD. · WRH-150BK ELECOM CO.,LTD. · WRH-150WH ELECOM CO.,LTD. · WRH-300BK ELECOM CO.,LTD. · WRH-300BK2-S ELECOM CO.,LTD. · WRH-300BK-S ELECOM CO.,LTD. · WRH-300RD ELECOM CO.,LTD. · WRH-300SV ELECOM CO.,LTD. · WRH-300WH ELECOM CO.,LTD. · WRH-300WH2-S ELECOM CO.,LTD. · WRH-300WH-H ELECOM CO.,LTD. · WRH-300WH-S ELECOM CO.,LTD. · WRH-H300BK ELECOM CO.,LTD. · WRH-H300WH

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://jvn.jp/en/vu/JVNVU94119876/https://www.elecom.co.jp/news/security/20210706-01/https://www.elecom.co.jp/news/security/20230810-01/https://www.elecom.co.jp/news/security/20231114-01/