JVN#96783542
Multiple vulnerabilities in multiple LOGITEC products
Overview
Multiple products provided by LOGITEC CORPORATION contain multiple vulnerabilities.
Products Affected
CVE-2021-20635
- LAN-WH450N/GR
- LAN-W300N/PR5B
- LAN-W300N/PGRB
- LAN-W300N/RS
Description
Multiple products provided by LOGITEC CORPORATION contain multiple vulnerabilities listed below.
- Improper restriction of excessive authentication attempts (CWE-307) - CVE-2021-20635
  CVSS v3 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score: 4.3
  CVSS v2 AV:A/AC:L/Au:N/C:P/I:N/A:N Base Score: 3.3
- Cross-site request forgery (CWE-352) - CVE-2021-20636, CVE-2021-20641
  CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score: 4.3
  CVSS v2 AV:N/AC:H/Au:N/C:P/I:P/A:N Base Score: 4.0
- Improper check or handling of exceptional conditions (CWE-703) - CVE-2021-20637, CVE-2021-20642
  CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Base Score: 4.3
  CVSS v2 AV:N/AC:H/Au:N/C:N/I:N/A:P Base Score: 2.6
- OS command injection (CWE-78) - CVE-2021-20638
  CVSS v3 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score: 6.8
  CVSS v2 AV:A/AC:L/Au:S/C:P/I:P/A:P Base Score: 5.2
- OS command injection (CWE-78) - CVE-2021-20639
  CVSS v3 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score: 6.8
  CVSS v2 AV:A/AC:L/Au:S/C:P/I:P/A:P Base Score: 5.2
- Buffer overflow (CWE-119) - CVE-2021-20640
  CVSS v3 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score: 6.8
  CVSS v2 AV:A/AC:L/Au:S/C:P/I:P/A:P Base Score: 5.2
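As an added illustration of the CWE-78 class listed above (not code from this advisory, from LOGITEC, or from the affected firmware): a hypothetical router-style admin handler that builds a ping diagnostic command from an untrusted host field, shown beside a hardened version that validates against an allow-list and never lets a shell parse the value. The endpoint, the function names (build_ping_command_vulnerable, build_ping_command_safe, shell_command_count, host_is_accepted) and the sample payload are assumptions.

```python
import re
import shlex
from typing import List

# Added illustration of CWE-78 (OS command injection) in a router-style
# admin handler. Hypothetical code, not LOGITEC firmware; the "ping
# diagnostic" endpoint and the function names are assumptions.


def build_ping_command_vulnerable(host: str) -> str:
    """Concatenate the untrusted form field into a command line that is
    later handed to /bin/sh (e.g. via system() or popen()). Shell
    metacharacters in `host` (; | & $() backticks) become part of the
    command, which is the CWE-78 defect."""
    return "ping -c 1 " + host


_COMMAND_SEPARATORS = {";", "&", "&&", "|", "||"}


def shell_command_count(cmd: str) -> int:
    """Tokenize `cmd` the way a POSIX shell would and count the separate
    commands it contains. A result above 1 means the input broke out of
    the intended single command. Only separator-based breakout is counted
    here; $(...) and backticks also inject but are not split out by this
    tokenizer."""
    tokens = list(shlex.shlex(cmd, posix=True, punctuation_chars=True))
    return 1 + sum(1 for t in tokens if t in _COMMAND_SEPARATORS)


# Allow-list: RFC 1123 hostname labels, which also admits dotted-quad IPv4.
_HOST_RE = re.compile(
    r"^(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def build_ping_command_safe(host: str) -> List[str]:
    """Validate against the allow-list, then return an argv list. Passing
    a list to subprocess.run()/execve() without shell=True means no shell
    ever parses the value, so metacharacters cannot be interpreted."""
    if not 1 <= len(host) <= 253 or not _HOST_RE.fullmatch(host):
        raise ValueError(f"rejected host: {host!r}")
    return ["ping", "-c", "1", host]


def host_is_accepted(host: str) -> bool:
    """True if the allow-list admits `host`, False if it is rejected."""
    try:
        build_ping_command_safe(host)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    payload = "8.8.8.8; reboot"  # constructed attacker input
    vuln = build_ping_command_vulnerable(payload)
    print(vuln, "->", shell_command_count(vuln), "command(s)")
    print(build_ping_command_safe("8.8.8.8"))
    print("payload accepted by safe builder:", host_is_accepted(payload))
```

The hardened builder does two independent things: it rejects anything outside the narrow syntax the feature actually needs, and it hands the value to the OS as a single argv element rather than as text for a shell. Either measure alone blocks the separator payload; together they also cover inputs the allow-list author did not anticipate.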
Impact
- An attacker within wireless range of the device may recover the PIN and gain access to the network - CVE-2021-20635
- If a user who is logged in to the administrative web page of the device accesses a specially crafted URL, unintended operations, such as changes to the device settings, may be performed on the device - CVE-2021-20636, CVE-2021-20641
- If a user who is logged in to the administrative web page of the device accesses a specially crafted URL, a denial-of-service (DoS) condition may result - CVE-2021-20637, CVE-2021-20642
- An authenticated attacker who can access the administrative web page of the device may execute arbitrary OS commands - CVE-2021-20638, CVE-2021-20639, CVE-2021-20640
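As an added illustration of the control whose absence CWE-307 (CVE-2021-20635) describes, not code from this advisory, from LOGITEC, or from the affected firmware: a hypothetical PIN authenticator that counts failed attempts both per client identifier and for the whole device, and refuses further attempts for a lockout window once a limit is reached. The PIN length, the limits, the client identifiers, the class and function names (PinAuthenticator, FakeClock, guesses_checked) and the simulated guess list are all assumptions.

```python
import hmac
from typing import Callable, Dict, Iterable

# Added illustration of the CWE-307 control (lockout after repeated failed
# authentication attempts). Hypothetical code, not LOGITEC firmware; the
# PIN length, limits, and client identifiers are assumptions.

DEVICE_WIDE = "*"  # shared counter key: bounds guesses no matter who sends them


class FakeClock:
    """Deterministic clock so the lockout window can be exercised offline."""

    def __init__(self, start: float = 0.0) -> None:
        self.now = start

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


class PinAuthenticator:
    """PIN check with two failure counters: one per client identifier and
    one for the whole device. An over-the-air attacker controls its own
    identifier (e.g. a MAC address) and can rotate it, so a per-client
    counter alone does not bound the total number of guesses."""

    def __init__(self, pin: str, clock: Callable[[], float],
                 max_failures: int = 5, device_max_failures: int = 20,
                 lockout_seconds: float = 60.0) -> None:
        self._pin = pin.encode()
        self._clock = clock
        self._limits = {DEVICE_WIDE: device_max_failures}
        self._default_limit = max_failures
        self._lockout = lockout_seconds
        self._failures: Dict[str, int] = {}
        self._locked_until: Dict[str, float] = {}

    def _locked(self, key: str, now: float) -> bool:
        return now < self._locked_until.get(key, 0.0)

    def _record_failure(self, key: str, now: float) -> None:
        n = self._failures.get(key, 0) + 1
        if n >= self._limits.get(key, self._default_limit):
            self._locked_until[key] = now + self._lockout  # open the window
            self._failures[key] = 0                        # and reset the count
        else:
            self._failures[key] = n

    def attempt(self, client_id: str, pin: str) -> str:
        """Returns "ok", "denied" (wrong PIN, still answering) or "locked"
        (refused without checking the PIN). A lock applies from the
        attempt after the one that triggered it."""
        now = self._clock()
        if self._locked(client_id, now) or self._locked(DEVICE_WIDE, now):
            return "locked"
        if hmac.compare_digest(pin.encode(), self._pin):  # constant-time compare
            self._failures.pop(client_id, None)
            return "ok"
        self._record_failure(client_id, now)
        self._record_failure(DEVICE_WIDE, now)
        return "denied"


def guesses_checked(auth: PinAuthenticator, client_id: str,
                    candidates: Iterable[str]) -> int:
    """Simulated online brute force from one client identifier: feed
    candidates until the device stops checking them (or one succeeds) and
    return how many PINs were actually evaluated."""
    checked = 0
    for pin in candidates:
        result = auth.attempt(client_id, pin)
        if result == "locked":
            break
        checked += 1
        if result == "ok":
            break
    return checked


if __name__ == "__main__":
    clock = FakeClock()
    auth = PinAuthenticator("12345670", clock, max_failures=5,
                            device_max_failures=12, lockout_seconds=60)
    wrong_pins = ["%08d" % i for i in range(100)]  # constructed guesses
    for client in ("aa", "bb", "cc"):              # attacker rotates identifiers
        print(client, "guesses checked:", guesses_checked(auth, client, wrong_pins))
    print("fresh client, correct PIN during device lock:", auth.attempt("dd", "12345670"))
    clock.advance(60)
    print("after the lockout window:", auth.attempt("dd", "12345670"))
```

With only the per-client counter, an attacker who rotates identifiers gets a fresh budget of guesses for each one; the device-wide counter is what caps the total rate at which the PIN space can be searched. For products that, as the Solution section states, are no longer supported, no such fix will arrive, which is why the advisory's recommendation is to retire the devices.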
Solution
Stop using the products
The developer states that these vulnerable products are no longer supported; therefore, stop using the products.
Vendor Status
Vendor | Status | Last Update | Vendor Notes |
---|---|---|---|
LOGITEC CORPORATION | Vulnerable | 2021/01/26 | LOGITEC CORPORATION website |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
CVE-2021-20635
Takaaki Minegishi and Takeshi Okamoto of Kanagawa Institute of Technology reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2021-20636, CVE-2021-20637, CVE-2021-20642
Shuto Imai of LAC Co., Ltd. reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2021-20638, CVE-2021-20639, CVE-2021-20640
Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2021-20641
Shuto Imai of LAC Co., Ltd. and Atsuo Sakurai of TECHMATRIX CORPORATION reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
Source | Reference |
---|---|
JPCERT Alert | |
JPCERT Reports | |
CERT Advisory | |
CPNI Advisory | |
TRnotes | |
CVE | CVE-2021-20635, CVE-2021-20636, CVE-2021-20637, CVE-2021-20638, CVE-2021-20639, CVE-2021-20640, CVE-2021-20641, CVE-2021-20642 |
JVN iPedia | JVNDB-2021-000010 |