How severe is CVE-2023-37563?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2023-37563?

This is classified as CWE-922, which is a common weakness in software security.

CVE-2023-37563 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

ELECOM wireless LAN routers are vulnerable to sensitive information exposure, which allows a network-adjacent unauthorized attacker to obtain sensitive information. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earlier, WRC-1167FEBK-A v1.18 and earlier, WRC-F1167ACF2 all versions, WRC-600GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-1467GHBK-A all versions, WRC-1467GHBK-S all versions, WRC-1900GHBK-A all versions, and WRC-1900GHBK-S all versions.

Related Vulnerabilities

CVE-2018-13313

MEDIUM

CVSS:6.5(Medium)

In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. This page, password.htm, contains JavaScript which is used to confirm the user kno...

CWE-9222018

CVE-2019-5632

MEDIUM

CVSS:6.5(Medium)

An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application's database was found to contain informatio...

CWE-9222019

CVE-2019-5633

MEDIUM

CVSS:6.5(Medium)

An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application's database was found to contain information th...

CWE-9222019

CVE-2020-28911

MEDIUM

CVSS:6.5(Medium)

Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated users to extract passwords used to manage fused servers via the test_server command in ajaxhelper.php.

CWE-9222020

CVE-2021-25406

MEDIUM

CVSS:6.5(Medium)

Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows unstrusted applications to access connected BT device information.

CWE-9222021

CVE-2021-28653

MEDIUM

CVSS:6.5(Medium)

The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. They choose a non-preferred storage mechanism if the device has Secure Enclave suppor...

CWE-9222021