6.5

CVE-2023-43757

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ElecomWrc-2533ghbk2-t Firmware Version-
   ElecomWrc-2533ghbk2-t Version-
ElecomWrc-2533ghbk-i Firmware Version-
   ElecomWrc-2533ghbk-i Version-
ElecomWrc-1750ghbk2-i Firmware Version-
   ElecomWrc-1750ghbk2-i Version-
ElecomWrc-1750ghbk-e Firmware Version-
   ElecomWrc-1750ghbk-e Version-
ElecomWrc-1750ghbk Firmware Version-
   ElecomWrc-1750ghbk Version-
ElecomWrc-1167ghbk2 Firmware Version-
   ElecomWrc-1167ghbk2 Version-
ElecomWrc-1167ghbk Firmware Version-
   ElecomWrc-1167ghbk Version-
ElecomWrc-f1167acf Firmware Version-
   ElecomWrc-f1167acf Version-
ElecomWrc-733ghbk Firmware Version-
   ElecomWrc-733ghbk Version-
ElecomWrc-733ghbk-i Firmware Version-
   ElecomWrc-733ghbk-i Version-
ElecomWrc-733ghbk-c Firmware Version-
   ElecomWrc-733ghbk-c Version-
ElecomWrc-300ghbk2-i Firmware Version-
   ElecomWrc-300ghbk2-i Version-
ElecomWrc-300ghbk Firmware Version-
   ElecomWrc-300ghbk Version-
ElecomWrc-733febk Firmware Version-
   ElecomWrc-733febk Version-
ElecomWrc-300febk Firmware Version-
   ElecomWrc-300febk Version-
ElecomWrc-f300nf Firmware Version-
   ElecomWrc-f300nf Version-
ElecomWrh-300wh-h Firmware Version-
   ElecomWrh-300wh-h Version-
ElecomWrh-300bk Firmware Version-
   ElecomWrh-300bk Version-
ElecomWrh-300wh Firmware Version-
   ElecomWrh-300wh Version-
ElecomWrh-300rd Firmware Version-
   ElecomWrh-300rd Version-
ElecomWrh-300sv Firmware Version-
   ElecomWrh-300sv Version-
ElecomWrh-300bk-s Firmware Version-
   ElecomWrh-300bk-s Version-
ElecomWrh-300wh-s Firmware Version-
   ElecomWrh-300wh-s Version-
ElecomWrh-300bk2-s Firmware Version-
   ElecomWrh-300bk2-s Version-
ElecomWrh-300wh2-s Firmware Version-
   ElecomWrh-300wh2-s Version-
ElecomWrh-h300bk Firmware Version-
   ElecomWrh-h300bk Version-
ElecomWrh-h300wh Firmware Version-
   ElecomWrh-h300wh Version-
ElecomWrh-150bk Firmware Version-
   ElecomWrh-150bk Version-
ElecomWrh-150wh Firmware Version-
   ElecomWrh-150wh Version-
ElecomLan-w300n/rs Firmware Version-
   ElecomLan-w300n/rs Version-
ElecomLan-w301nr Firmware Version-
   ElecomLan-w301nr Version-
ElecomLan-w300n/p Firmware Version-
   ElecomLan-w300n/p Version-
ElecomLan-wh300n/dgp Firmware Version-
   ElecomLan-wh300n/dgp Version-
ElecomLan-wh300ndgpe Firmware Version-
   ElecomLan-wh300ndgpe Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.134
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-326 Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.