CVE-2021-20709

Beschreibung:
Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to a specific URL.

CWE: CWE-354 CWE-20

CVSS-Bewertung
CVSS 2: HIGH – 9 (Version: 2.0)
CVSS 3: HIGH – 7.2 (Version: 3.1)

Links:

NVD – CVE-2021-20709
CVE – CVE-2021-20709

Link (max. 20) Quelle Tags
https://jvn.jp/en/jp/JVN29739718/index.html MISC Third Party Advisory Vendor Advisory Third Party Advisory
https://jpn.nec.com/security-info/secinfo/nv21-010.html MISC Mitigation Vendor Advisory Third Party Advisory Vendor Advisory
https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640 MISC Exploit Patch Third Party Advisory
FEDORA-2021-10d7331a31 FEDORA Third Party Advisory
FEDORA-2021-2d860da728 FEDORA
FEDORA-2021-96a5dabcfa FEDORA

Quelle: NVD – CVE-2021-20709
Datum Veröffentlichung: 2021-04-26T01:15Z, Datum letzte Änderung: 2021-05-05T20:02Z