CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
37.2%
Multiple ELECOM LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below.
Buffer overflow (CWE-121) - CVE-2021-20852
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | Base Score: 6.8 |
CVSS v2 | AV:A/AC:L/Au:S/C:P/I:P/A:P | Base Score: 5.2 |
OS command injection (CWE-78) - CVE-2021-20853, CVE-2021-20854
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | Base Score: 6.8 |
CVSS v2 | AV:A/AC:L/Au:S/C:P/I:P/A:P | Base Score: 5.2 |
Cross-site scripting (CWE-79) - CVE-2021-20855, CVE-2021-20856
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | Base Score: 5.4 |
CVSS v2 | AV:N/AC:M/Au:S/C:N/I:P/A:N | Base Score: 3.5 |
Cross-site scripting (CWE-79) - CVE-2021-20857
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | Base Score: 6.1 |
CVSS v2 | AV:N/AC:H/Au:N/C:N/I:P/A:N | Base Score: 2.6 |
Cross-site scripting (CWE-79) - CVE-2021-20858
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | Base Score: 5.4 |
CVSS v2 | AV:N/AC:M/Au:S/C:N/I:P/A:N | Base Score: 3.5 |
OS command injection (CWE-78) - CVE-2021-20859
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Base Score: 8.0 |
CVSS v2 | AV:A/AC:L/Au:S/C:C/I:C/A:C | Base Score: 7.7 |
Cross-site request forgery (CWE-352) - CVE-2021-20860
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | Base Score: 8.8 |
CVSS v2 | AV:N/AC:H/Au:N/C:P/I:P/A:P | Base Score: 5.1 |
Improper access control (CWE-284) - CVE-2021-20861, CVE-2022-25915
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Base Score: 8.8 |
CVSS v2 | AV:A/AC:L/Au:N/C:P/I:P/A:P | Base Score: 5.8 |
Apply the appropriate firmware update
Apply the appropriate firmware update according to the information provided by the developer.
CVE-2021-20852, CVE-2021-20853, CVE-2021-20854, CVE-2021-20855, CVE-2021-20856
WRH-733GBK firmware v1.02.9 and earlier
WRH-733GWH firmware v1.02.9 and earlier
CVE-2021-20857, CVE-2021-20858
WRC-2533GHBK-I firmware v1.20 and earlier
CVE-2021-20859, CVE-2021-20860, CVE-2021-20861, CVE-2022-25915
WRC-1167GST2 firmware v1.25 and earlier
WRC-1167GST2A firmware v1.25 and earlier
WRC-1167GST2H firmware v1.25 and earlier
WRC-2533GS2-B firmware v1.52 and earlier
WRC-2533GS2-W firmware v1.52 and earlier
WRC-1750GS firmware v1.03 and earlier
WRC-1750GSV firmware v2.11 and earlier
WRC-1900GST firmware v1.03 and earlier
WRC-2533GST firmware v1.03 and earlier
WRC-2533GSTA firmware v1.03 and earlier
WRC-2533GST2 firmware v1.25 and earlier
WRC-2533GST2SP firmware v1.25 and earlier
WRC-2533GST2-G firmware v1.25 and earlier
EDWRC-2533GST2 firmware v1.25 and earlier
WRC-1167GS2-B firmware v1.65 and earlier
WRC-1167GS2H-B firmware v1.65 and earlier
WMC-DLGST2-W firmware v1.24 and earlier
WMC-M1267GST2-W firmware v1.24 and earlier
WMC-2HC-W firmware v1.24 and earlier
WMC-C2533GST-W firmware v1.24 and earlier
WRC-1900GST2 firmware v1.15 and earlier
WRC-1900GST2SP firmware v1.15 and earlier
WRC-1750GST2 firmware v1.14 and earlier
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
37.2%