CVE-2021-20739

WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S all versions allows an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:elecom:wrc-300febk_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-300febk:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:elecom:wrc-f300nf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-f300nf:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:elecom:wrc-733febk_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-733febk:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:elecom:wrh-300rd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300rd:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:elecom:wrh-300bk_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:elecom:wrh-300sv_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300sv:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:elecom:wrh-h300wh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300wh:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:elecom:wrh-h300bk_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-h300bk:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:elecom:wrh-300bk-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300bk-s:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:elecom:wrh-300wh-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrh-300wh-s:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:47

Type Values Removed Values Added
References () https://jvn.jp/en/vu/JVNVU94260088/index.html - Third Party Advisory () https://jvn.jp/en/vu/JVNVU94260088/index.html - Third Party Advisory
References () https://www.elecom.co.jp/news/security/20210706-01/ - Vendor Advisory () https://www.elecom.co.jp/news/security/20210706-01/ - Vendor Advisory

Information

Published : 2021-07-07 08:15

Updated : 2024-11-21 05:47


NVD link : CVE-2021-20739

Mitre link : CVE-2021-20739

CVE.ORG link : CVE-2021-20739


JSON object : View

Products Affected

elecom

  • wrh-300rd
  • wrh-300wh
  • wrh-300bk
  • wrh-h300wh
  • wrh-300bk-s_firmware
  • wrc-f300nf_firmware
  • wrh-h300wh_firmware
  • wrh-300bk_firmware
  • wrc-300febk_firmware
  • wrc-300febk
  • wrh-h300bk_firmware
  • wrh-300sv_firmware
  • wrh-300sv
  • wrh-300wh-s_firmware
  • wrh-300rd_firmware
  • wrh-h300bk
  • wrh-300wh-s
  • wrc-f300nf
  • wrh-300bk-s
  • wrc-733febk
  • wrc-733febk_firmware
  • wrh-300wh_firmware
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')