CVE-2023-35991

EPSS 0.6%
Veröffentlicht 18.08.2023 10:15:10
Zuletzt bearbeitet 21.11.2024 08:09:07
Quelle vultures@jpcert.or.jp
CVE-Watchlists
Login
Unerledigt
Login

Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

NVD 7 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Elecom ≫ Lan-wh300andgpe Firmware

Elecom ≫ Lan-wh300andgpe Version-

Elecom ≫ Lan-wh300n/dgp Firmware

Elecom ≫ Lan-wh300n/dgp Version-

Elecom ≫ Lan-wh300an/dgp Firmware

Elecom ≫ Lan-wh300an/dgp Version-

Elecom ≫ Lan-wh450n/gp Firmware

Elecom ≫ Lan-wh450n/gp Version-

Elecom ≫ Lan-w300n/p Firmware

Elecom ≫ Lan-w300n/p Version-

Elecom ≫ Lan-wh300n/dr Firmware

Elecom ≫ Lan-wh300n/dr Version-

Elecom ≫ Lan-w300n/dr Firmware

Elecom ≫ Lan-w300n/dr Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.6%	0.442

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://www.elecom.co.jp/news/security/20230810-01/

Vendor Advisory

https://jvn.jp/en/vu/JVNVU91630351/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-35991

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-35991

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-35991

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-35991