Published: 2023/05/19  Last Updated: 2023/05/19

Information from T&D Corporation

Vulnerability ID: JVN#14778242
Title: Multiple vulnerabilities in T&D and ESPEC MIC data logger products
Status: Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.

Vulnerabilities have been found in some discontinued products.
Please check the details of the vulnerabilities and either stop using the affected products or review your operating environment.

[[Products provided by T&D Corporation]]
・TR-71W/72W all firmware versions
・RTR-5W all firmware versions
・WDR-7 all firmware versions
・WDR-3 all firmware versions
・WS-2 all firmware versions

[[Products provided by ESPEC MIC CORP.]]
・RT-12N/RS-12N all firmware versions
・RT-22BN all firmware versions
・TEU-12N all firmware versions


[[Vulnerability Report Provided by JPCERT]]
・Client-Side Enforcement of Server-Side Security (CWE-602) [CVE-2023-22654]
・Improper Authentication (CWE-287) [CVE-2023-27388]
・Lack of Authentication for Critical Functionality (CWE-306) [CVE-2023-23545]
・Cross-Site Request Forgery (CWE-352) [CVE-2023-27387]

[[Descriptions of Vulnerabilities]]
Possible impacts of each vulnerability are as follows.
・[CVE-2023-22654] Arbitrary scripts can be executed via a web browser while logged into the target product.
・[CVE-2023-27388] This vulnerability allows an attacker with access to the target product to log in as an authorized user to the target product.
・[CVE-2023-23545] This vulnerability allows an attacker with access to the target product to tamper with the settings of the target product without authentication.
・[CVE-2023-27387] This vulnerability allows a user who is logged in to the target product to perform unintended operations on the target device when accessing a doctored page.

[[Response to Vulnerabilities]]
The manufacture and sale of the above products were discontinued by 2014.
For some of the affected products, there are updates with improved security features, but these updates do not address the above vulnerabilities. As the only permanent measure to protect against these vulnerabilities, we strongly suggest that you stop using the affected products.
If you continue to use the affected products, the following measures are recommended.

[[How to Mitigate the Impact of Found Vulnerabilities]]
Connect the target product only to a trusted, closed network to ensure secure access.
Limit which devices can access the target product, for example by applying IP address restrictions upstream of the target product on the network.
Install a Web Application Firewall (WAF) upstream of the target product on the network to filter attacks.

[[Products with Updates for Improved Security]]
T&D Corporation's products:
・TR-71W/72W

ESPEC MIC CORP.'s products:
・RT-12N/RS-12N

Note that applying these updates does not protect against the above-mentioned vulnerabilities.

[[NewsRelease]]
Japanese: https://www.tandd.co.jp/news/detail.html?id=616
English: https://www.tandd.com/news/detail.html?id=780