CVE-2021-20709
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to a specific URL.
Una validación inapropiada de la vulnerabilidad del valor de comprobación de integridad en NEC Aterm WF1200CR firmware Ver1.3.2 y anterior, Aterm WG1200CR firmware Ver1.3.3 y anterior, y Aterm WG2600HS firmware Ver1.5.1 y anterior permite a un atacante con privilegios administrativos ejecutar comandos arbitrarios del Sistema Operativo mediante el envio de una petición especialmente diseñada a una URL específica
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-12-17 CVE Reserved
- 2021-04-26 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-354: Improper Validation of Integrity Check Value
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://jvn.jp/en/jp/JVN29739718/index.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://jpn.nec.com/security-info/secinfo/nv21-010.html | 2021-05-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nec Search vendor "Nec" | Aterm Wf1200cr Firmware Search vendor "Nec" for product "Aterm Wf1200cr Firmware" | <= 1.3.2 Search vendor "Nec" for product "Aterm Wf1200cr Firmware" and version " <= 1.3.2" | - |
Affected
| in | Nec Search vendor "Nec" | Aterm Wf1200cr Search vendor "Nec" for product "Aterm Wf1200cr" | - | - |
Safe
|
| Nec Search vendor "Nec" | Aterm Wg1200cr Firmware Search vendor "Nec" for product "Aterm Wg1200cr Firmware" | <= 1.3.3 Search vendor "Nec" for product "Aterm Wg1200cr Firmware" and version " <= 1.3.3" | - |
Affected
| in | Nec Search vendor "Nec" | Aterm Wg1200cr Search vendor "Nec" for product "Aterm Wg1200cr" | - | - |
Safe
|
| Nec Search vendor "Nec" | Aterm Wg2600hs Firmware Search vendor "Nec" for product "Aterm Wg2600hs Firmware" | <= 1.5.1 Search vendor "Nec" for product "Aterm Wg2600hs Firmware" and version " <= 1.5.1" | - |
Affected
| in | Nec Search vendor "Nec" | Aterm Wg2600hs Search vendor "Nec" for product "Aterm Wg2600hs" | - | - |
Safe
|