CVE-2023-23545

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-23545
Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions).

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://jvn.jp/en/jp/JVN14778242/ Third Party Advisory
https://www.monitoring.especmic.co.jp/post/VulnerabilityInRT-12N_RS-12N_RT-22BNandTEU-12N Vendor Advisory
https://www.tandd.com/news/detail.html?id=780 Vendor Advisory
https://jvn.jp/en/jp/JVN14778242/ Third Party Advisory
https://www.monitoring.especmic.co.jp/post/VulnerabilityInRT-12N_RS-12N_RT-22BNandTEU-12N Vendor Advisory
https://www.tandd.com/news/detail.html?id=780 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tandd:tr-71w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tandd:tr-71w:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:tandd:tr-72w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tandd:tr-72w:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:tandd:rtr-5w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tandd:rtr-5w:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:tandd:wdr-7_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tandd:wdr-7:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:tandd:wdr-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tandd:wdr-3:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:tandd:ws-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tandd:ws-2:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:especmic:rt-12n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:especmic:rt-12n:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:especmic:rs-12n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:especmic:rs-12n:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:especmic:rt-22bn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:especmic:rt-22bn:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:especmic:teu-12n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:especmic:teu-12n:-:*:*:*:*:*:*:*
History

21 Nov 2024, 07:46

Type Values Removed Values Added
References () https://jvn.jp/en/jp/JVN14778242/ - Third Party Advisory () https://jvn.jp/en/jp/JVN14778242/ - Third Party Advisory
References () https://www.monitoring.especmic.co.jp/post/VulnerabilityInRT-12N_RS-12N_RT-22BNandTEU-12N - Vendor Advisory () https://www.monitoring.especmic.co.jp/post/VulnerabilityInRT-12N_RS-12N_RT-22BNandTEU-12N - Vendor Advisory
References () https://www.tandd.com/news/detail.html?id=780 - Vendor Advisory () https://www.tandd.com/news/detail.html?id=780 - Vendor Advisory

30 May 2023, 22:21

Type Values Removed Values Added
CWE CWE-306
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.3
First Time Especmic
Tandd wdr-7
Tandd
Tandd rtr-5w
Especmic rs-12n
Especmic rs-12n Firmware
Tandd ws-2 Firmware
Especmic teu-12n Firmware
Especmic rt-12n Firmware
Tandd wdr-3 Firmware
Tandd rtr-5w Firmware
Tandd tr-72w
Tandd wdr-3
Tandd wdr-7 Firmware
Especmic teu-12n
Especmic rt-22bn
Tandd ws-2
Tandd tr-71w
Tandd tr-71w Firmware
Especmic rt-12n
Especmic rt-22bn Firmware
Tandd tr-72w Firmware
CPE cpe:2.3:h:tandd:wdr-7:-:*:*:*:*:*:*:*
cpe:2.3:o:tandd:ws-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:especmic:rt-22bn:-:*:*:*:*:*:*:*
cpe:2.3:h:especmic:rs-12n:-:*:*:*:*:*:*:*
cpe:2.3:o:tandd:tr-72w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tandd:wdr-7_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tandd:tr-72w:-:*:*:*:*:*:*:*
cpe:2.3:h:tandd:tr-71w:-:*:*:*:*:*:*:*
cpe:2.3:o:especmic:rt-12n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:especmic:teu-12n:-:*:*:*:*:*:*:*
cpe:2.3:o:especmic:rs-12n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:especmic:rt-12n:-:*:*:*:*:*:*:*
cpe:2.3:h:tandd:rtr-5w:-:*:*:*:*:*:*:*
cpe:2.3:h:tandd:wdr-3:-:*:*:*:*:*:*:*
cpe:2.3:o:especmic:teu-12n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tandd:rtr-5w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tandd:ws-2:-:*:*:*:*:*:*:*
cpe:2.3:o:tandd:tr-71w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tandd:wdr-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:especmic:rt-22bn_firmware:*:*:*:*:*:*:*:*
References (MISC) https://www.tandd.com/news/detail.html?id=780 - (MISC) https://www.tandd.com/news/detail.html?id=780 - Vendor Advisory
References (MISC) https://jvn.jp/en/jp/JVN14778242/ - (MISC) https://jvn.jp/en/jp/JVN14778242/ - Third Party Advisory
References (MISC) https://www.monitoring.especmic.co.jp/post/VulnerabilityInRT-12N_RS-12N_RT-22BNandTEU-12N - (MISC) https://www.monitoring.especmic.co.jp/post/VulnerabilityInRT-12N_RS-12N_RT-22BNandTEU-12N - Vendor Advisory
Information

Published : 2023-05-23 02:15

Updated : 2024-11-21 07:46

NVD link : CVE-2023-23545

Mitre link : CVE-2023-23545

CVE.ORG link : CVE-2023-23545

JSON object : View

Products Affected

tandd

  • wdr-7_firmware
  • rtr-5w_firmware
  • ws-2_firmware
  • wdr-7
  • rtr-5w
  • tr-71w
  • ws-2
  • tr-71w_firmware
  • tr-72w_firmware
  • wdr-3
  • tr-72w
  • wdr-3_firmware

especmic

  • rt-12n_firmware
  • rs-12n_firmware
  • rt-22bn
  • teu-12n
  • teu-12n_firmware
  • rs-12n
  • rt-22bn_firmware
  • rt-12n
CWE
CWE-306

Missing Authentication for Critical Function


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024