CVE-2021-20708

Beschreibung:
NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL.

CWE: CWE-78 CWE-20

CVSS-Bewertung
CVSS 2: HIGH – 9 (Version: 2.0)
CVSS 3: HIGH – 7.2 (Version: 3.1)

Links:

NVD – CVE-2021-20708
CVE – CVE-2021-20708

Link (max. 20) Quelle Tags
https://jvn.jp/en/jp/JVN29739718/index.html MISC Third Party Advisory Vendor Advisory Third Party Advisory
https://jpn.nec.com/security-info/secinfo/nv21-010.html MISC Mitigation Vendor Advisory Third Party Advisory Vendor Advisory
https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640 MISC Exploit Patch Third Party Advisory
FEDORA-2021-10d7331a31 FEDORA Third Party Advisory
FEDORA-2021-2d860da728 FEDORA
FEDORA-2021-96a5dabcfa FEDORA

Quelle: NVD – CVE-2021-20708
Datum Veröffentlichung: 2021-04-26T01:15Z, Datum letzte Änderung: 2021-05-05T19:57Z