CVE-2021-20858
https://notcve.org/view.php?id=CVE-2021-20858
Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. Una vulnerabilidad de cross-site scripting en el router ELECOM LAN firmware WRC-2533GHBK-I versiones v1.20 y anteriores, permite a un atacante remoto autenticado inyectar un script arbitrario por medio de vectores no especificados • https://jvn.jp/en/jp/JVN88993473/index.html https://www.elecom.co.jp/news/security/20211130-01 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-20857
https://notcve.org/view.php?id=CVE-2021-20857
Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. Una vulnerabilidad de tipo cross-site scripting en el router ELECOM LAN firmware WRC-2533GHBK-I versiones v1.20 y anteriores, permite a un atacante remoto autenticado inyectar un script arbitrario por medio de vectores no especificados • https://jvn.jp/en/jp/JVN88993473/index.html https://www.elecom.co.jp/news/security/20211130-01 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •