Vulnerability Description
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Elecom | Wrc-2533Ghbk2-T Firmware | - |
| Elecom | Wrc-2533Ghbk2-T | - |
| Elecom | Wrc-2533Ghbk-I Firmware | - |
| Elecom | Wrc-2533Ghbk-I | - |
| Elecom | Wrc-1750Ghbk2-I Firmware | - |
| Elecom | Wrc-1750Ghbk2-I | - |
| Elecom | Wrc-1750Ghbk-E Firmware | - |
| Elecom | Wrc-1750Ghbk-E | - |
| Elecom | Wrc-1750Ghbk Firmware | - |
| Elecom | Wrc-1750Ghbk | - |
| Elecom | Wrc-1167Ghbk2 Firmware | - |
| Elecom | Wrc-1167Ghbk2 | - |
| Elecom | Wrc-1167Ghbk Firmware | - |
| Elecom | Wrc-1167Ghbk | - |
| Elecom | Wrc-F1167Acf Firmware | - |
| Elecom | Wrc-F1167Acf | - |
| Elecom | Wrc-733Ghbk Firmware | - |
| Elecom | Wrc-733Ghbk | - |
| Elecom | Wrc-733Ghbk-I Firmware | - |
| Elecom | Wrc-733Ghbk-I | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/vu/JVNVU94119876/Third Party Advisory
- https://www.elecom.co.jp/news/security/20210706-01/Third Party Advisory
- https://www.elecom.co.jp/news/security/20230810-01/Third Party Advisory
- https://www.elecom.co.jp/news/security/20231114-01/Third Party Advisory
- https://jvn.jp/en/vu/JVNVU94119876/Third Party Advisory
- https://www.elecom.co.jp/news/security/20210706-01/Third Party Advisory
- https://www.elecom.co.jp/news/security/20230810-01/Third Party Advisory
- https://www.elecom.co.jp/news/security/20231114-01/Third Party Advisory
FAQ
What is CVE-2023-43757?
CVE-2023-43757 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used...
How severe is CVE-2023-43757?
CVE-2023-43757 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-43757?
Check the references section above for vendor advisories and patch information. Affected products include: Elecom Wrc-2533Ghbk2-T Firmware, Elecom Wrc-2533Ghbk2-T, Elecom Wrc-2533Ghbk-I Firmware, Elecom Wrc-2533Ghbk-I, Elecom Wrc-1750Ghbk2-I Firmware.