Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2021-20647

UNKNOWN
Published 2021-02-12T06:15:49
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-20647. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

ELECOM CO.,LTD.

WRC-300FEBK-S

Affected Versions:

WRC-300FEBK-S

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-95x3-j4xq-37g5

Advisory Details

Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.

CVSS Scoring

CVSS Score

5.0

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-20647
WEB https://jvn.jp/en/jp/JVN47580234/index.html
WEB https://www.elecom.co.jp/news/security/20210126-01

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022

References

https://www.elecom.co.jp/news/security/20210126-01/
https://jvn.jp/en/jp/JVN47580234/index.html
Published: 2021-02-12T06:15:49
Last Modified: 2024-08-03T17:45:45.337Z
Copied to clipboard!