CVE-2021-20709
Summary
| CVE | CVE-2021-20709 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-04-26 01:15:00 UTC |
| Updated | 2021-05-05 20:02:00 UTC |
| Description | Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to a specific URL. |
Risk And Classification
Problem Types: CWE-354
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Nec | Aterm Wf1200cr | - | All | All | All |
| Operating System | Nec | Aterm Wf1200cr Firmware | All | All | All | All |
| Hardware | Nec | Aterm Wg1200cr | - | All | All | All |
| Operating System | Nec | Aterm Wg1200cr Firmware | All | All | All | All |
| Hardware | Nec | Aterm Wg2600hs | - | All | All | All |
| Operating System | Nec | Aterm Wg2600hs Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| JVN#29739718: Multiple vulnerabilities in Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HS, and Aterm WX3000HP | MISC | jvn.jp | |
| NV21-010: セキュリティ情報 | NEC | MISC | jpn.nec.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.