CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20856
https://notcve.org/view.php?id=CVE-2021-20856
01 Dec 2021 — Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. Una vulnerabilidad de tipo cross-site scripting en los routers LAN de ELECOM (firmware WRH-733GBK versiones v1.02.9 y anteriores y firmware WRH-733GWH versiones v1.02.9 y anteriores) permite a un atacante remoto autenticado inyectar un script arbitrario por vectores no especific... • https://jvn.jp/en/jp/JVN88993473/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20855
https://notcve.org/view.php?id=CVE-2021-20855
01 Dec 2021 — Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. Una vulnerabilidad de tipo cross-site scripting en los routers LAN de ELECOM (firmware WRH-733GBK versiones v1.02.9 y anteriores y firmware WRH-733GWH versiones v1.02.9 y anteriores) permite a un atacante remoto autenticado inyectar un script arbitrario por medio de vectores no ... • https://jvn.jp/en/jp/JVN88993473/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20854
https://notcve.org/view.php?id=CVE-2021-20854
01 Dec 2021 — ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors. Los routers LAN de ELECOM (firmware WRH-733GBK versiones v1.02.9 y anteriores y firmware WRH-733GWH versiones v1.02.9 y anteriores) permiten a un atacante adyacente a la red con privilegios de administrador ejecutar comandos arbitrarios del sistema operativo por medio de vectores no es... • https://jvn.jp/en/jp/JVN88993473/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20853
https://notcve.org/view.php?id=CVE-2021-20853
01 Dec 2021 — ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors. Los routers LAN de ELECOM (firmware WRH-733GBK versiones v1.02.9 y anteriores y firmware WRH-733GWH versiones v1.02.9 y anteriores) permiten a un atacante adyacente a la red con privilegios de administrador ejecutar comandos arbitrarios del sistema operativo por medio de vectores no es... • https://jvn.jp/en/jp/JVN88993473/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20852
https://notcve.org/view.php?id=CVE-2021-20852
01 Dec 2021 — Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors. Una vulnerabilidad de desbordamiento del búfer en los routers LAN de ELECOM (firmware WRH-733GBK versiones v1.02.9 y anteriores y firmware WRH-733GWH versiones v1.02.9 y anteriores) permite a un atacante adyacente a la red con privilegios de administr... • https://jvn.jp/en/jp/JVN88993473/index.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •