{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T23:25:05.292","vulnerabilities":[{"cve":{"id":"CVE-2021-20709","sourceIdentifier":"vultures@jpcert.or.jp","published":"2021-04-26T01:15:07.977","lastModified":"2024-11-21T05:47:03.167","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to a specific URL."},{"lang":"es","value":"Una validación inapropiada de la vulnerabilidad del valor de comprobación de integridad en NEC Aterm WF1200CR firmware Ver1.3.2 y anterior, Aterm WG1200CR firmware Ver1.3.3 y anterior, y Aterm WG2600HS firmware Ver1.5.1 y anterior permite a un atacante con privilegios administrativos ejecutar comandos arbitrarios del Sistema Operativo mediante el envio de una petición especialmente diseñada a una URL específica"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-354"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.2","matchCriteriaId":"303286F8-9C3D-42E4-8DBD-16F9CD6B6FDB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*","matchCriteriaId":"3A91D9EB-5962-498E-9B14-C5712DDDF7C2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.3","matchCriteriaId":"C6CC0F17-379E-4711-B1E6-4D726C404A31"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*","matchCriteriaId":"936D9DD3-11E5-4862-B157-85B13EA06C38"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.5.1","matchCriteriaId":"98011875-167E-4921-858E-C30AF5E9DB76"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*","matchCriteriaId":"623C9C7B-C947-49A8-9C1D-20B23FDA73ED"}]}]}],"references":[{"url":"https://jpn.nec.com/security-info/secinfo/nv21-010.html","source":"vultures@jpcert.or.jp","tags":["Mitigation","Vendor Advisory"]},{"url":"https://jvn.jp/en/jp/JVN29739718/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://jpn.nec.com/security-info/secinfo/nv21-010.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]},{"url":"https://jvn.jp/en/jp/JVN29739718/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}