Published:2024/03/26  Last Updated:2024/11/26

JVNVU#95381465
Multiple vulnerabilities in ELECOM wireless LAN routers

Overview

Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities.

Products Affected

CVE-2024-25568

  • WRC-X3200GST3-B v1.25 and earlier
  • WRC-G01-W v1.24 and earlier
  • WMC-X1800GST-B v1.41 and earlier
CVE-2024-26258
  • WRC-X3200GST3-B v1.25 and earlier
  • WRC-G01-W v1.24 and earlier
  • WRC-1167GST2 v1.32 and earlier
  • WRC-2533GST2 v1.30 and earlier
CVE-2024-29225
  • WRC-X3200GST3-B v1.25 and earlier
  • WRC-G01-W v1.24 and earlier
WMC-X1800GST-B is also included in e-Mesh Starter Kit "WMC-2LX-B" provided by ELECOM CO.,LTD.

Description

Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below.

  • OS Command Injection (CWE-78) - CVE-2024-25568
    CVSS v3 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 8.8
    CVSS v2 AV:A/AC:L/Au:N/C:P/I:P/A:P Base Score: 5.8
  • OS Command Injection (CWE-78) - CVE-2024-26258
    CVSS v3 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score: 6.8
    CVSS v2 AV:A/AC:L/Au:S/C:P/I:P/A:P Base Score: 5.2
  • Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) - CVE-2024-29225
    CVSS v3 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score: 6.5
    CVSS v2 AV:A/AC:L/Au:N/C:P/I:N/A:N Base Score: 3.3

Impact

  • An unauthenticated attacker may execute an arbitrary OS command by sending a specially crafted request - CVE-2024-25568
  • A user with credentials may execute an arbitrary OS command by sending a specially crafted request - CVE-2024-26258
  • An unauthenticated attacker may obtain the configuration file containing sensitive information by sending a specially crafted request - CVE-2024-29225

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.

Vendor Status

Vendor Status Last Update Vendor Notes
ELECOM CO.,LTD. Vulnerable 2024/11/14 ELECOM CO.,LTD. website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2024-25568
CVE-2024-26258
CVE-2024-29225
JVN iPedia

Update History

2024/05/28
ELECOM CO.,LTD. update status
2024/05/28
Information under the section [Title], [Overview], [Products Affected], and [Description] was updated
2024/08/27
ELECOM CO.,LTD. update status
2024/08/27
Information under the section [Products Affected] was updated
2024/11/26
ELECOM CO.,LTD. update status
2024/11/26
Information under the section [Products Affected] was updated