Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to a specific URL.

CWE: CWE-354 CWE-20

CVSS 2: HIGH – 9 (Version: 2.0)
CVSS 3: HIGH – 7.2 (Version: 3.1)


NVD – CVE-2021-20709
CVE – CVE-2021-20709

Link (max. 20) Quelle Tags MISC Third Party Advisory Vendor Advisory Third Party Advisory MISC Mitigation Vendor Advisory Third Party Advisory Vendor Advisory MISC Exploit Patch Third Party Advisory
FEDORA-2021-10d7331a31 FEDORA Third Party Advisory
FEDORA-2021-2d860da728 FEDORA
FEDORA-2021-96a5dabcfa FEDORA

Quelle: NVD – CVE-2021-20709
Datum Veröffentlichung: 2021-04-26T01:15Z, Datum letzte Änderung: 2021-05-05T20:02Z