TROYANOSYVIRUS
Voltar para CVEs

CVE-2021-20739

HIGH
8.8

Descricao

WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S all versions allows an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors.

Detalhes CVE

Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueADJACENT_NETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado7/7/2021
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0

Produtos afetados

elecom:wrc-300febkelecom:wrc-300febk_firmwareelecom:wrc-733febkelecom:wrc-733febk_firmwareelecom:wrc-f300nfelecom:wrc-f300nf_firmwareelecom:wrh-300bkelecom:wrh-300bk-selecom:wrh-300bk-s_firmwareelecom:wrh-300bk_firmwareelecom:wrh-300rdelecom:wrh-300rd_firmwareelecom:wrh-300svelecom:wrh-300sv_firmwareelecom:wrh-300whelecom:wrh-300wh-selecom:wrh-300wh-s_firmwareelecom:wrh-300wh_firmwareelecom:wrh-h300bkelecom:wrh-h300bk_firmwareelecom:wrh-h300whelecom:wrh-h300wh_firmware

Fraquezas (CWE)

CWE-78

Referencias

https://jvn.jp/en/vu/JVNVU94260088/index.html(vultures@jpcert.or.jp)
https://www.elecom.co.jp/news/security/20210706-01/(vultures@jpcert.or.jp)
https://jvn.jp/en/vu/JVNVU94260088/index.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.elecom.co.jp/news/security/20210706-01/(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.