Published:2024/02/20 Last Updated:2024/03/26
JVNVU#99444194
ELECOM wireless LAN routers vulnerable to OS command injection
Overview
Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability.
Products Affected
- WRC-1167GS2-B v1.67 and earlier
- WRC-1167GS2H-B v1.67 and earlier
- WRC-2533GS2-B v1.62 and earlier
- WRC-2533GS2-W v1.62 and earlier
- WRC-2533GS2V-B v1.62 and earlier
- WRC-X3200GST3-B v1.25 and earlier
- WRC-G01-W v1.24 and earlier
Description
Wireless LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability (CWE-78).
Impact
If a logged-in user with an administrative privilege sends a specially crafted request to the affected product, an arbitrary OS command may be executed.
Solution
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| ELECOM CO.,LTD. | Vulnerable | 2024/03/21 | ELECOM CO.,LTD. website |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
CVSS v3
CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score:
6.8
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
CVSS v2
AV:A/AC:L/Au:S/C:P/I:P/A:P
Base Score:
5.2
| Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) |
|---|---|---|---|
| Access Complexity(AC) | High (H) | Medium (M) | Low (L) |
| Authentication(Au) | Multiple (M) | Single (S) | None (N) |
| Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) |
| Integrity Impact(I) | None (N) | Partial (P) | Complete (C) |
| Availability Impact(A) | None (N) | Partial (P) | Complete (C) |
Credit
Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2024-25579 |
| JVN iPedia |
|
Update History
- 2024/03/26
- ELECOM CO.,LTD. update status
- 2024/03/26
- Information under the section [Products Affected] was updated