CVE-2021-20712
Severity Score
5.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Improper access control vulnerability in NEC Aterm WG2600HS firmware Ver1.5.1 and earlier, and Aterm WX3000HP firmware Ver1.1.2 and earlier allows a device connected to the LAN side to be accessed from the WAN side due to the defect in the IPv6 firewall function.
Una vulnerabilidad de control de acceso inapropiado en NEC Aterm WG2600HS versiones de firmware Ver1.5.1 y anteriores, y Aterm WX3000HP versiones de firmware Ver1.1.2 y anteriores, permite acceder a un dispositivo conectado al lado LAN desde el lado WAN debido al defecto en la funciĆ³n firewall IPv6
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-12-17 CVE Reserved
- 2021-04-26 CVE Published
- 2024-01-09 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://jvn.jp/en/jp/JVN29739718/index.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://jpn.nec.com/security-info/secinfo/nv21-010.html | 2022-07-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nec Search vendor "Nec" | Aterm Wg2600hs Firmware Search vendor "Nec" for product "Aterm Wg2600hs Firmware" | <= 1.5.1 Search vendor "Nec" for product "Aterm Wg2600hs Firmware" and version " <= 1.5.1" | - |
Affected
| in | Nec Search vendor "Nec" | Aterm Wg2600hs Search vendor "Nec" for product "Aterm Wg2600hs" | - | - |
Safe
|
| Nec Search vendor "Nec" | Aterm Wx3000hp Firmware Search vendor "Nec" for product "Aterm Wx3000hp Firmware" | <= 1.1.2 Search vendor "Nec" for product "Aterm Wx3000hp Firmware" and version " <= 1.1.2" | - |
Affected
| in | Nec Search vendor "Nec" | Aterm Wx3000hp Search vendor "Nec" for product "Aterm Wx3000hp" | - | - |
Safe
|