NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2021-20699

Summary	Sharp NEC Displays ((UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UX552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V984Q R2.000 and prior to it, C981Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it, P404 R3.200 and prior to it, P484 R3.200 and prior to it, P554 R3.200 and prior to it, V404 R3.200 and prior to it, V484 R3.200 and prior to it, V554 R3.200 and prior to it, V404-T R3.200 and prior to it, V484-T R3.200 and prior to it, V554-T R3.200 and prior to it, C501 R2.000 and prior to it, C551 R2.000 and prior to it, C431 R2.000 and prior to it) allows an attacker a buffer overflow and to execute remote code by sending long parameters that contains specific characters in http request.
Publication Date	June 7, 2021, 11:15 p.m.
Registration Date	June 8, 2021, 10 a.m.
Last Update	Nov. 21, 2024, 2:47 p.m.

CVSS3.1 : CRITICAL
スコア	9.8
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高

CVSS2.0 : HIGH
Score	10.0
Vector	AV:N/AC:L/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:un462a_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:un462a:-:::::::*

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:un462va_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:un462va:-:::::::*

Configuration3		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:un492s_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:un492s:-:::::::*

Configuration4		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:un492vs_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:un492vs:-:::::::*

Configuration5		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:un552a_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:un552a:-:::::::*

Configuration6		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:un552s_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:un552s:-:::::::*

Configuration7		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:un552vs_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:un552vs:-:::::::*

Configuration8		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:un552_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:un552:-:::::::*

Configuration9		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:un552v_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:un552v:-:::::::*

Configuration10		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:ux552s_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:ux552s:-:::::::*

Configuration11		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:ux552_firmware::::::::			r1.300
execution environment
1	cpe:2.3:h:sharp-nec-displays:ux552:-:::::::*

Configuration12		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v864q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:v864q:-:::::::*

Configuration13		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:c861q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:c861q:-:::::::*

Configuration14		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:p754q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:p754q:-:::::::*

Configuration15		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v754q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:v754q:-:::::::*

Configuration16		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:c751q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:c751q:-:::::::*

Configuration17		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v984q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:v984q:-:::::::*

Configuration18		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:c981q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:c981q:-:::::::*

Configuration19		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:p654q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:p654q:-:::::::*

Configuration20		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v654q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:v654q:-:::::::*

Configuration21		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:c651q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:c651q:-:::::::*

Configuration22		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v554q_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:v554q:-:::::::*

Configuration23		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:p404_firmware::::::::			r3.201
execution environment
1	cpe:2.3:h:sharp-nec-displays:p404:-:::::::*

Configuration24		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:p484_firmware::::::::			r3.201
execution environment
1	cpe:2.3:h:sharp-nec-displays:p484:-:::::::*

Configuration25		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:p554_firmware::::::::			r3.201
execution environment
1	cpe:2.3:h:sharp-nec-displays:p554:-:::::::*

Configuration26		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v404_firmware::::::::			r3.201
execution environment
1	cpe:2.3:h:sharp-nec-displays:v404:-:::::::*

Configuration27		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v484_firmware::::::::			r3.201
execution environment
1	cpe:2.3:h:sharp-nec-displays:v484:-:::::::*

Configuration28		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v554_firmware::::::::			r3.201
execution environment
1	cpe:2.3:h:sharp-nec-displays:v554:-:::::::*

Configuration29		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v404-t_firmware::::::::			r3.201
execution environment
1	cpe:2.3:h:sharp-nec-displays:v404-t:-:::::::*

Configuration30		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v484-t_firmware::::::::			r3.201
execution environment
1	cpe:2.3:h:sharp-nec-displays:v484-t:-:::::::*

Configuration31		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:v554-t_firmware::::::::			r3.201
execution environment
1	cpe:2.3:h:sharp-nec-displays:v554-t:-:::::::*

Configuration32		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:c501_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:c501:-:::::::*

Configuration33		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:c551_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:c551:-:::::::*

Configuration34		or higher	or less	more than	less than
cpe:2.3:o:sharp-nec-displays:c431_firmware::::::::			r2.000
execution environment
1	cpe:2.3:h:sharp-nec-displays:c431:-:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.sharp-nec-displays.com/global/support/info/A5-1_vulnerability.html
2	https://www.sharp-nec-displays.com/global/support/info/A5-1_vulnerability.html

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-120	古典的バッファオーバーフロー	https://cwe.mitre.org/data/definitions/120.html
2	CWE-77	コマンドインジェクション	https://cwe.mitre.org/data/definitions/77.html