{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T06:55:53.558","vulnerabilities":[{"cve":{"id":"CVE-2021-20636","sourceIdentifier":"vultures@jpcert.or.jp","published":"2021-02-12T07:15:14.543","lastModified":"2024-11-21T05:46:55.197","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/PR5B allows remote attackers to hijack the authentication of administrators via a specially crafted URL. As a result, unintended operations to the device such as changes of the device settings may be conducted."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site request forgery (CSRF) en LOGITEC LAN-W300N/PR5B, permite a atacantes remotos secuestrar la autenticación de los administradores por medio de una URL especialmente diseñada. Como resultado, se pueden realizar operaciones no deseadas en el dispositivo, como cambios en la configuración del dispositivo"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:logitech:lan-w300n\\/pr5b_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8390BE37-91F5-4B1B-B121-BF6147A79836"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:logitech:lan-w300n\\/pr5b:-:*:*:*:*:*:*:*","matchCriteriaId":"4DC81E4C-AFD0-400D-9C51-D091D513A374"}]}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN96783542/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://www.elecom.co.jp/news/security/20210126-01/","source":"vultures@jpcert.or.jp","tags":["Vendor Advisory"]},{"url":"https://jvn.jp/en/jp/JVN96783542/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.elecom.co.jp/news/security/20210126-01/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}