CVE-2021-20643

Опубликовано: 12 фев. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request.

Ссылки

https://jvn.jp/en/jp/JVN47580234/index.html
Third Party Advisory
https://www.elecom.co.jp/news/security/20210126-01/
Vendor Advisory
https://jvn.jp/en/jp/JVN47580234/index.html
Third Party Advisory
https://www.elecom.co.jp/news/security/20210126-01/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:elecom:ld-ps\/u1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:elecom:ld-ps\/u1:-:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00299

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-xmmf-j7j7-r9v2