CVE-2021-20648: OS Command Injection
First published: Fri Feb 12 2021(Updated: )
ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Elecom Wrc-300febk-s Firmware | ||
| ELECOM WRC-300FEBK-S |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-20648?
CVE-2021-20648 is a vulnerability that allows an attacker with administrator rights to execute arbitrary OS commands on ELECOM WRC-300FEBK-S devices.
How can an attacker exploit CVE-2021-20648?
An attacker with administrator rights can exploit CVE-2021-20648 by executing arbitrary OS commands via unspecified vectors.
What is the severity of CVE-2021-20648?
CVE-2021-20648 has a severity score of 6.8 (high).
What software is affected by CVE-2021-20648?
The Elecom Wrc-300febk-s Firmware is affected by CVE-2021-20648.
How can I mitigate the vulnerability CVE-2021-20648?
To mitigate CVE-2021-20648, apply the necessary firmware update provided by ELECOM WRC-300FEBK-S.
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/elecom
- canonical/elecom wrc-300febk-s firmware
- canonical/elecom wrc-300febk-s