TROYANOSYVIRUS
Volver a CVEs

CVE-2021-20739

HIGH
8.8

Descripcion

WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S all versions allows an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors.

Detalles CVE

Puntuacion CVSS v3.18.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueADJACENT_NETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado7/7/2021
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0

Productos afectados

elecom:wrc-300febkelecom:wrc-300febk_firmwareelecom:wrc-733febkelecom:wrc-733febk_firmwareelecom:wrc-f300nfelecom:wrc-f300nf_firmwareelecom:wrh-300bkelecom:wrh-300bk-selecom:wrh-300bk-s_firmwareelecom:wrh-300bk_firmwareelecom:wrh-300rdelecom:wrh-300rd_firmwareelecom:wrh-300svelecom:wrh-300sv_firmwareelecom:wrh-300whelecom:wrh-300wh-selecom:wrh-300wh-s_firmwareelecom:wrh-300wh_firmwareelecom:wrh-h300bkelecom:wrh-h300bk_firmwareelecom:wrh-h300whelecom:wrh-h300wh_firmware

Debilidades (CWE)

CWE-78

Referencias

https://jvn.jp/en/vu/JVNVU94260088/index.html(vultures@jpcert.or.jp)
https://www.elecom.co.jp/news/security/20210706-01/(vultures@jpcert.or.jp)
https://jvn.jp/en/vu/JVNVU94260088/index.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.elecom.co.jp/news/security/20210706-01/(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.