Vulnerabilities > Elecom

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-12	CVE-2021-20651	Path Traversal vulnerability in Elecom File Manager Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors. network low complexity elecom CWE-22 critical	9.1
2021-02-12	CVE-2021-20650	Cross-Site Request Forgery (CSRF) vulnerability in Elecom Ncc-Ewf100Rmwh2 Firmware Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RMWH2 allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. network low complexity elecom CWE-352	6.5
2021-02-12	CVE-2021-20649	Improper Certificate Validation vulnerability in Elecom Wrc-300Febk-S Firmware ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. network high complexity elecom CWE-295	4.8
2021-02-12	CVE-2021-20648	OS Command Injection vulnerability in Elecom Wrc-300Febk-S Firmware ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. low complexity elecom CWE-78	6.8
2021-02-12	CVE-2021-20647	Cross-Site Request Forgery (CSRF) vulnerability in Elecom Wrc-300Febk-S Firmware Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. network low complexity elecom CWE-352	6.5
2021-02-12	CVE-2021-20646	Cross-Site Request Forgery (CSRF) vulnerability in Elecom Wrc-300Febk-A Firmware Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. network low complexity elecom CWE-352	6.5
2021-02-12	CVE-2021-20645	Cross-site Scripting vulnerability in Elecom Wrc-300Febk-A Firmware Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors. network low complexity elecom CWE-79	5.4
2021-02-12	CVE-2021-20644	Injection vulnerability in Elecom Wrc-1467Ghbk-A Firmware ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page. network low complexity elecom CWE-74	6.1
2021-02-12	CVE-2021-20643	Unspecified vulnerability in Elecom Ld-Ps/U1 Firmware Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request. network low complexity elecom	7.5
2020-10-06	CVE-2020-5634	Unspecified vulnerability in Elecom products ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions prior to v1.10) allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors. low complexity elecom	8.8

Vulnerabilities > Elecom {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Elecom"}]}

Vulnerabilities > Elecom