3 matches found
CVE-2021-20649
ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. Via a man-in-the-middle attack, an attacker may alter the communication response. As a result, an arbitrary OS command may be executed on the affected device...
CVE-2021-20649
CVE-2021-20649 affects ELECOM WRC-300FEBK-S with an improper server certificate verification (CWE-295). A MITM can modify the response, potentially allowing arbitrary OS commands to be executed on the device. Affected product in this CVE entry is the WRC-300FEBK-S; impact is confirmed as remote e...
JVN#47580234: Multiple vulnerabilities in multiple ELECOM products
Multiple products provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Improper Access Control CWE-284 - CVE-2021-20643 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N| Base Score: 5.3 CVSS v2| AV:N/AC:L/Au:N/C:N/I:P/A:N| Base Score:...