CVE-2023-40072 - Vulnerability Details - OpenCVE

OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Elecom	Wab-s300 Wab-s300 Firmware Wab-s600-ps Wab-s600-ps Firmware

Configuration 1 [-]

AND

cpe:2.3:o:elecom:wab-s600-ps_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wab-s600-ps:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:elecom:wab-s300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:elecom:wab-s300:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU91630351/
https://www.elecom.co.jp/news/security/20230810-01/
https://www.elecom.co.jp/news/security/20231114-01/

History

Thu, 03 Jul 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 09 Sep 2024 07:00:00 +0000

Type	Values Removed	Values Added
Description	OS command injection vulnerability in ELECOM network devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WAB-S600-PS all versions, WAB-S300 all versions, WAB-M1775-PS v1.1.21 and earlier, WAB-S1775 v1.1.9 and earlier, WAB-S1167 v1.0.7 and earlier, and WAB-M2133 v1.3.22 and earlier.	OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2023-08-18T09:45:31.201Z

Updated: 2025-07-03T14:01:25.610Z

Reserved: 2023-08-09T11:54:59.361Z

Link: CVE-2023-40072

Vulnrichment

Updated: 2024-08-02T18:24:55.046Z

NVD

Status : Modified

Published: 2023-08-18T10:15:12.847

Modified: 2025-07-03T14:15:25.430

Link: CVE-2023-40072

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-40072", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2023-08-09T11:54:59.361Z", "datePublished": "2023-08-18T09:45:31.201Z", "dateUpdated": "2025-07-03T14:01:25.610Z"}, "containers": {"cna": {"affected": [{"vendor": "ELECOM CO.,LTD.", "product": "WAB-S600-PS", "versions": [{"version": "all versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S300", "versions": [{"version": "all versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S1775", "versions": [{"version": "v1.1.9 and earlier", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-M1775-PS", "versions": [{"version": "v1.1.21 and earlier", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S1167", "versions": [{"version": "v1.0.7 and earlier", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-M2133", "versions": [{"version": "v1.3.22 and earlier", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-I1750-PS", "versions": [{"version": "v1.5.10 and earlier", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S1167-PS", "versions": [{"version": "v1.5.6 and earlier", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request."}], "problemTypes": [{"descriptions": [{"description": "OS command injection", "lang": "en", "type": "text"}]}], "references": [{"url": "https://www.elecom.co.jp/news/security/20231114-01/"}, {"url": "https://www.elecom.co.jp/news/security/20230810-01/"}, {"url": "https://jvn.jp/en/vu/JVNVU91630351/"}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-09-09T06:39:59.937Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:24:55.046Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.elecom.co.jp/news/security/20231114-01/", "tags": ["x_transferred"]}, {"url": "https://www.elecom.co.jp/news/security/20230810-01/", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/vu/JVNVU91630351/", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-07-03T13:59:50.488318Z", "id": "CVE-2023-40072", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-03T14:01:25.610Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.elecom.co.jp/news/security/20231114-01/", "tags": ["x_transferred"]}, {"url": "https://www.elecom.co.jp/news/security/20230810-01/", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/vu/JVNVU91630351/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:24:55.046Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-40072", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-03T13:59:50.488318Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-03T14:01:11.362Z"}}], "cna": {"affected": [{"vendor": "ELECOM CO.,LTD.", "product": "WAB-S600-PS", "versions": [{"status": "affected", "version": "all versions"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S300", "versions": [{"status": "affected", "version": "all versions"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S1775", "versions": [{"status": "affected", "version": "v1.1.9 and earlier"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-M1775-PS", "versions": [{"status": "affected", "version": "v1.1.21 and earlier"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S1167", "versions": [{"status": "affected", "version": "v1.0.7 and earlier"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-M2133", "versions": [{"status": "affected", "version": "v1.3.22 and earlier"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-I1750-PS", "versions": [{"status": "affected", "version": "v1.5.10 and earlier"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S1167-PS", "versions": [{"status": "affected", "version": "v1.5.6 and earlier"}]}], "references": [{"url": "https://www.elecom.co.jp/news/security/20231114-01/"}, {"url": "https://www.elecom.co.jp/news/security/20230810-01/"}, {"url": "https://jvn.jp/en/vu/JVNVU91630351/"}], "descriptions": [{"lang": "en", "value": "OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "OS command injection"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2024-09-09T06:39:59.937Z"}}}, "cveMetadata": {"cveId": "CVE-2023-40072", "state": "PUBLISHED", "dateUpdated": "2025-07-03T14:01:25.610Z", "dateReserved": "2023-08-09T11:54:59.361Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2023-08-18T09:45:31.201Z", "assignerShortName": "jpcert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wab-s600-ps_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "638B37F3-076A-44C0-83A4-DDAACC669376", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wab-s600-ps:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6C5979C-DE63-4B06-B540-EB734082204A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wab-s300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "59EFC7CC-3A9D-4B54-A887-29160C11EE6D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wab-s300:-:*:*:*:*:*:*:*", "matchCriteriaId": "DCEE7563-FEA0-45D1-AD65-1B78DAF0ED4D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OS command injection vulnerability in ELECOM wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request."}, {"lang": "es", "value": "La vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en los dispositivos de red ELECOM permite a un usuario autenticado ejecutar un comando arbitrario del sistema operativo enviando una solicitud especialmente dise\u00f1ada. Los productos y versiones afectados son los siguientes WAB-S600-PS todas las versiones, WAB-S300 todas las versiones, WAB-M1775-PS v1.1.21 y anteriores, WAB-S1775 v1.1.9 y anteriores, WAB-S1167 v1.0.7 y anteriores, y WAB-M2133 v1.3.22 y anteriores.\n"}], "id": "CVE-2023-40072", "lastModified": "2025-07-03T14:15:25.430", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-08-18T10:15:12.847", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU91630351/"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.elecom.co.jp/news/security/20230810-01/"}, {"source": "[email protected]", "url": "https://www.elecom.co.jp/news/security/20231114-01/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU91630351/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.elecom.co.jp/news/security/20230810-01/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.elecom.co.jp/news/security/20231114-01/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}