CVE-2023-35991

{"id": "CVE-2023-35991", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-08-18T10:15:10.267", "references": [{"url": "https://jvn.jp/en/vu/JVNVU91630351/", "tags": ["Third Party Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://www.elecom.co.jp/news/security/20230810-01/", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions."}], "lastModified": "2023-08-29T18:58:15.803", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:elecom:lan-wh300andgpe_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C80C5EED-C11F-406F-A12D-93394399DABF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:elecom:lan-wh300andgpe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "98BCD9E6-DF0B-4461-9B01-E34FB0E62C90"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:elecom:lan-wh300n\\/dgp_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B86CEF6B-25E8-4607-B628-D1489636155B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:elecom:lan-wh300n\\/dgp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B27DECBE-877C-4888-A4B0-C0A65A590640"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:elecom:lan-wh300an\\/dgp_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E495CC1C-9322-4B9A-93D4-50FA8FE409EB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:elecom:lan-wh300an\\/dgp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CEFA728A-9DAB-45A5-9289-58F8E6F98EE9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:elecom:lan-wh450n\\/gp_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FF7989C-3F41-4601-A09B-FAF622022C2D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:elecom:lan-wh450n\\/gp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2D09E3E3-0A1B-430F-AB4B-3E352510C3AC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:elecom:lan-w300n\\/p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B719FD0E-EB75-4B62-BADF-3C9823B69210"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:elecom:lan-w300n\\/p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BAD881BC-A228-4402-8A09-5E862B448A62"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:elecom:lan-wh300n\\/dr_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EB9404A-109C-42A4-8EF7-6750F9A3CA78"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:elecom:lan-wh300n\\/dr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6033A1F2-32BF-4F29-B4BB-111B871D6391"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:elecom:lan-w300n\\/dr_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3269F8A1-68A5-420B-8EEE-00895FB2D854"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:elecom:lan-w300n\\/dr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1FF0FFE9-F32F-46AC-8154-04F97680F786"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "vultures@jpcert.or.jp"}