|
200861
|
6.8 |
MEDIUM
Adjacent
|
elecom
|
wrc-300febk-s_firmware
|
ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2021-20648
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200862
|
6.5 |
MEDIUM
Network
|
elecom
|
wrc-300febk-s_firmware
|
Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector.…
|
CWE-352
Origin Validation Error
|
CVE-2021-20647
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200863
|
6.5 |
MEDIUM
Network
|
elecom
|
wrc-300febk-a_firmware
|
Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector.…
|
CWE-352
Origin Validation Error
|
CVE-2021-20646
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200864
|
5.4 |
MEDIUM
Network
|
elecom
|
wrc-300febk-a_firmware
|
Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20645
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200865
|
6.1 |
MEDIUM
Network
|
elecom
|
wrc-1467ghbk-a_firmware
|
ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page.
|
CWE-74
Injection
|
CVE-2021-20644
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200866
|
7.5 |
HIGH
Network
|
elecom
|
ld-ps\/u1_firmware
|
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request.
|
NVD-CWE-Other
|
CVE-2021-20643
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200867
|
6.5 |
MEDIUM
Network
|
logitech
|
lan-w300n\/rs_firmware
|
Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.
|
NVD-CWE-Other
|
CVE-2021-20642
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200868
|
6.5 |
MEDIUM
Network
|
logitech
|
lan-w300n\/rs_firmware
|
Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/RS allows remote attackers to hijack the authentication of administrators via a specially crafted URL. As a result, unintended ope…
|
CWE-352
Origin Validation Error
|
CVE-2021-20641
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200869
|
6.8 |
MEDIUM
Adjacent
|
logitech
|
lan-w300n\/pgrb_firmware
|
Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute an arbitrary OS command via unspecified vectors.
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-20640
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200870
|
6.8 |
MEDIUM
Adjacent
|
logitech
|
lan-w300n\/pgrb_firmware
|
LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2021-20639
|
2024-11-21 14:46 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
