Lucene search
+L

4 matches found

NVD
NVD
added 2021/02/12 7:15 a.m.19 views

CVE-2021-20646

Cross-site request forgery CSRF vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started...

6.5CVSS0.00497EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/02/12 6:15 a.m.19 views

CVE-2021-20646

Cross-site request forgery CSRF vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started...

7.3AI score0.00497EPSS
Exploits0References2
CVE
CVE
added 2021/02/12 6:15 a.m.78 views

CVE-2021-20646

CVE-2021-20646 affects ELECOM WRC-300FEBK-A and is a Cross-site Request Forgery (CSRF) vulnerability that can hijack an administrator’s session and cause arbitrary requests to be executed, potentially altering device settings or starting a telnet daemon. The connected documents confirm the vulner...

6.5CVSS7AI score0.00497EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/01/26 12:0 a.m.165 views

JVN#47580234: Multiple vulnerabilities in multiple ELECOM products

Multiple products provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Improper Access Control CWE-284 - CVE-2021-20643 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N| Base Score: 5.3 CVSS v2| AV:N/AC:L/Au:N/C:N/I:P/A:N| Base Score:...

10CVSS7.8AI score0.99975EPSS
Exploits6
Rows per page
Query Builder