NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL.

CWE: CWE-78 CWE-20

CVSS 2: HIGH – 9 (Version: 2.0)
CVSS 3: HIGH – 7.2 (Version: 3.1)


NVD – CVE-2021-20708
CVE – CVE-2021-20708

Link (max. 20) Quelle Tags MISC Third Party Advisory Vendor Advisory Third Party Advisory MISC Mitigation Vendor Advisory Third Party Advisory Vendor Advisory MISC Exploit Patch Third Party Advisory
FEDORA-2021-10d7331a31 FEDORA Third Party Advisory
FEDORA-2021-2d860da728 FEDORA
FEDORA-2021-96a5dabcfa FEDORA

Quelle: NVD – CVE-2021-20708
Datum Veröffentlichung: 2021-04-26T01:15Z, Datum letzte Änderung: 2021-05-05T19:57Z