NVD Vulnerability Detail
Search Exploit, PoC
CVE-2021-20863
Summary

OS command injection vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attackers to execute an arbitrary OS command with the root privilege via unspecified vectors.

Publication Date Dec. 1, 2021, 12:15 p.m.
Registration Date Dec. 1, 2021, 4 p.m.
Last Update Nov. 21, 2024, 2:47 p.m.
CVSS3.1 : HIGH
スコア 8.0
Vector CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
攻撃元区分(AV) 隣接
攻撃条件の複雑さ(AC)
攻撃に必要な特権レベル(PR)
利用者の関与(UI) 不要
影響の想定範囲(S) 変更なし
機密性への影響(C)
完全性への影響(I)
可用性への影響(A)
CVSS2.0 : HIGH
Score 7.7
Vector AV:A/AC:L/Au:S/C:C/I:C/A:C
攻撃元区分(AV) 隣接
攻撃条件の複雑さ(AC)
攻撃前の認証要否(Au) 単一
機密性への影響(C)
完全性への影響(I)
可用性への影響(A)
Get all privileges. いいえ
Get user privileges いいえ
Get other privileges いいえ
User operation required いいえ
Affected software configurations
Configuration1 or higher or less more than less than
cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:* 1.25
execution environment
1 cpe:2.3:h:elecom:wrc-1167gst2:-:*:*:*:*:*:*:*
Configuration2 or higher or less more than less than
cpe:2.3:o:elecom:wrc-1167gst2a_firmware:*:*:*:*:*:*:*:* 1.25
execution environment
1 cpe:2.3:h:elecom:wrc-1167gst2a:-:*:*:*:*:*:*:*
Configuration3 or higher or less more than less than
cpe:2.3:o:elecom:wrc-1167gst2h_firmware:*:*:*:*:*:*:*:* 1.25
execution environment
1 cpe:2.3:h:elecom:wrc-1167gst2h:-:*:*:*:*:*:*:*
Configuration4 or higher or less more than less than
cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:* 1.52
execution environment
1 cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*
Configuration5 or higher or less more than less than
cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:* 1.52
execution environment
1 cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*
Configuration6 or higher or less more than less than
cpe:2.3:o:elecom:wrc-1750gs_firmware:*:*:*:*:*:*:*:* 1.03
execution environment
1 cpe:2.3:h:elecom:wrc-1750gs:-:*:*:*:*:*:*:*
Configuration7 or higher or less more than less than
cpe:2.3:o:elecom:wrc-1750gsv_firmware:*:*:*:*:*:*:*:* 2.11
execution environment
1 cpe:2.3:h:elecom:wrc-1750gsv:-:*:*:*:*:*:*:*
Configuration8 or higher or less more than less than
cpe:2.3:o:elecom:wrc-1900gst_firmware:*:*:*:*:*:*:*:* 1.03
execution environment
1 cpe:2.3:h:elecom:wrc-1900gst:-:*:*:*:*:*:*:*
Configuration9 or higher or less more than less than
cpe:2.3:o:elecom:wrc-2533gst_firmware:*:*:*:*:*:*:*:* 1.03
execution environment
1 cpe:2.3:h:elecom:wrc-2533gst:-:*:*:*:*:*:*:*
Configuration10 or higher or less more than less than
cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:* 1.25
execution environment
1 cpe:2.3:h:elecom:wrc-2533gst2:-:*:*:*:*:*:*:*
Configuration11 or higher or less more than less than
cpe:2.3:o:elecom:wrc-2533gsta_firmware:*:*:*:*:*:*:*:* 1.03
execution environment
1 cpe:2.3:h:elecom:wrc-2533gsta:-:*:*:*:*:*:*:*
Configuration12 or higher or less more than less than
cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:*:*:*:*:*:*:*:* 1.25
execution environment
1 cpe:2.3:h:elecom:wrc-2533gst2sp:-:*:*:*:*:*:*:*
Configuration13 or higher or less more than less than
cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:*:*:*:*:*:*:*:* 1.25
execution environment
1 cpe:2.3:h:elecom:wrc-2533gst2-g:-:*:*:*:*:*:*:*
Configuration14 or higher or less more than less than
cpe:2.3:o:elecom:edwrc-2533gst2_firmware:*:*:*:*:*:*:*:* 1.25
execution environment
1 cpe:2.3:h:elecom:edwrc-2533gst2:-:*:*:*:*:*:*:*
Related information, measures and tools
Common Vulnerabilities List