CVE-2023-31196 – This vulnerability allows remote unauthenticate... (How to Fix)

Q: What is the severity of CVE-2023-31196?

CVE-2023-31196 has a CVSS score of 7.5 (HIGH). This vulnerability allows remote unauthenticated attackers to access sensitive information from affected Wi-Fi AP UNIT devices due to missing authentication on critical functions. It affects multiple Inaba product models running specific firmware versions. Attackers can exploit this without any credentials.

📋 TL;DR

This vulnerability allows remote unauthenticated attackers to access sensitive information from affected Wi-Fi AP UNIT devices due to missing authentication on critical functions. It affects multiple Inaba product models running specific firmware versions. Attackers can exploit this without any credentials.

💻 Affected Systems

Products:

AC-PD-WAPU
AC-PD-WAPUM
AC-PD-WAPU-P
AC-PD-WAPUM-P
AC-WAPU-300
AC-WAPUM-300
AC-WAPU-300-P
AC-WAPUM-300-P

Versions: v1.05_B04 and earlier for AC-PD series, v1.00_B07 and earlier for AC-WAPU-300 series

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: All affected versions are vulnerable by default. No special configuration required for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of device configuration, network credentials, and sensitive operational data leading to network infiltration or device takeover.

🟠

Likely Case

Unauthorized access to device configuration, network settings, and potentially administrative credentials stored on the device.

🟢

If Mitigated

Limited impact if devices are behind firewalls with strict network segmentation and access controls.

🌐 Internet-Facing: HIGH - Directly exposed devices can be exploited by any internet-based attacker without authentication.

🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires network access to the device but no authentication. The vulnerability is in authentication mechanism, making exploitation straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after those listed in affected versions

Vendor Advisory: https://www.inaba.co.jp/abaniact/news/Wi-Fi_AP_UNIT%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E8%A4%87%E6%95%B0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf

Restart Required: Yes

Instructions:

1. Download latest firmware from Inaba website. 2. Access device admin interface. 3. Navigate to firmware update section. 4. Upload and apply new firmware. 5. Reboot device after update completes.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate affected devices in separate VLANs with strict firewall rules limiting access to management interfaces.

Access Control Lists

all

Implement network ACLs to restrict access to device management interfaces to authorized IP addresses only.

🧯 If You Can't Patch

Implement strict network segmentation to isolate affected devices from untrusted networks
Deploy network monitoring and intrusion detection to alert on unauthorized access attempts

🔍 How to Verify

Check if Vulnerable:

Check device firmware version via web interface or CLI. If version matches affected range, device is vulnerable.

Check Version:

Check via device web interface or manufacturer-specific CLI commands

Verify Fix Applied:

Verify firmware version is updated beyond affected versions listed in advisory.

📡 Detection & Monitoring

Log Indicators:

Unauthenticated access attempts to management interfaces
Multiple failed authentication attempts followed by successful access

Network Indicators:

Unusual traffic patterns to device management ports from unauthorized sources
HTTP/HTTPS requests to device interfaces without authentication headers

SIEM Query:

source_ip NOT IN authorized_ips AND destination_port IN [80,443,8080] AND destination_ip IN affected_devices AND http_status=200

📊 Metadata

CVE ID: CVE-2023-31196

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-306

Published: June 13, 2023

Last Updated: January 3, 2025

🔗 References

https://jvn.jp/en/jp/JVN28412757/ Mitigation,Third Party Advisory
https://www.inaba.co.jp/abaniact/news/Wi-Fi_AP_UNIT%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E8%A4%87%E6%95%B0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf Vendor Advisory
https://jvn.jp/en/jp/JVN28412757/ Mitigation,Third Party Advisory
https://www.inaba.co.jp/abaniact/news/Wi-Fi_AP_UNIT%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E8%A4%87%E6%95%B0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-31196, you might also want to check these: