CVE-2021-20847
Severity Score
6.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site scripting vulnerability in Wi-Fi STATION SH-52A (38JP_1_11G, 38JP_1_11J, 38JP_1_11K, 38JP_1_11L, 38JP_1_26F, 38JP_1_26G, 38JP_1_26J, 38JP_2_03B, and 38JP_2_03C) allows a remote unauthenticated attacker to inject an arbitrary script via WebUI of the device.
Una vulnerabilidad de tipo Cross-site scripting en Wi-Fi STATION SH-52A versiones (38JP_1_11G, 38JP_1_11J, 38JP_1_11K, 38JP_1_11L, 38JP_1_26F, 38JP_1_26G, 38JP_1_26J, 38JP_2_03B y 38JP_2_03C), permite a un atacante remoto no autenticado inyectar un script arbitrario por medio de la WebUI del dispositivo
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-12-17 CVE Reserved
- 2021-12-01 CVE Published
- 2024-08-03 CVE Updated
- 2024-12-04 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://jvn.jp/en/jp/JVN19482703/index.html | Third Party Advisory | |
| https://www.nttdocomo.co.jp/support/product_update/sh52a/index.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Firmware Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" | 38jp_1_11g Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" and version "38jp_1_11g" | - |
Affected
| in | Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a" | - | - |
Safe
|
| Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Firmware Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" | 38jp_1_11j Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" and version "38jp_1_11j" | - |
Affected
| in | Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a" | - | - |
Safe
|
| Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Firmware Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" | 38jp_1_11k Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" and version "38jp_1_11k" | - |
Affected
| in | Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a" | - | - |
Safe
|
| Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Firmware Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" | 38jp_1_11l Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" and version "38jp_1_11l" | - |
Affected
| in | Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a" | - | - |
Safe
|
| Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Firmware Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" | 38jp_1_26f Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" and version "38jp_1_26f" | - |
Affected
| in | Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a" | - | - |
Safe
|
| Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Firmware Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" | 38jp_1_26g Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" and version "38jp_1_26g" | - |
Affected
| in | Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a" | - | - |
Safe
|
| Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Firmware Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" | 38jp_1_26j Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" and version "38jp_1_26j" | - |
Affected
| in | Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a" | - | - |
Safe
|
| Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Firmware Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" | 38jp_2_03b Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" and version "38jp_2_03b" | - |
Affected
| in | Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a" | - | - |
Safe
|
| Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Firmware Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" | 38jp_2_03c Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a Firmware" and version "38jp_2_03c" | - |
Affected
| in | Nttdocomo Search vendor "Nttdocomo" | Wi-fi Station Sh-52a Search vendor "Nttdocomo" for product "Wi-fi Station Sh-52a" | - | - |
Safe
|