← Back to CVEs
CVE-2021-20739
HIGH8.8
Description
WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S all versions allows an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors.
CVE Details
CVSS v3.1 Score8.8
SeverityHIGH
CVSS VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorADJACENT_NETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published7/7/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
elecom:wrc-300febkelecom:wrc-300febk_firmwareelecom:wrc-733febkelecom:wrc-733febk_firmwareelecom:wrc-f300nfelecom:wrc-f300nf_firmwareelecom:wrh-300bkelecom:wrh-300bk-selecom:wrh-300bk-s_firmwareelecom:wrh-300bk_firmwareelecom:wrh-300rdelecom:wrh-300rd_firmwareelecom:wrh-300svelecom:wrh-300sv_firmwareelecom:wrh-300whelecom:wrh-300wh-selecom:wrh-300wh-s_firmwareelecom:wrh-300wh_firmwareelecom:wrh-h300bkelecom:wrh-h300bk_firmwareelecom:wrh-h300whelecom:wrh-h300wh_firmware
Weaknesses (CWE)
CWE-78
References
https://jvn.jp/en/vu/JVNVU94260088/index.html(vultures@jpcert.or.jp)
https://www.elecom.co.jp/news/security/20210706-01/(vultures@jpcert.or.jp)
https://jvn.jp/en/vu/JVNVU94260088/index.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.elecom.co.jp/news/security/20210706-01/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.