Vulnerability Details CVE-2021-20860
Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a remote authenticated attacker to hijack the authentication of an administrator via a specially crafted page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2021-20860
-
cpe:2.3:h:elecom:edwrc-2533gst2:-
-
cpe:2.3:h:elecom:wrc-1167gst2:-
-
cpe:2.3:h:elecom:wrc-1167gst2a:-
-
cpe:2.3:h:elecom:wrc-1167gst2h:-
-
cpe:2.3:h:elecom:wrc-1750gs:-
-
cpe:2.3:h:elecom:wrc-1750gsv:-
-
cpe:2.3:h:elecom:wrc-1900gst:-
-
cpe:2.3:h:elecom:wrc-2533gs2-b:-
-
cpe:2.3:h:elecom:wrc-2533gs2-w:-
-
cpe:2.3:h:elecom:wrc-2533gst2-g:-
-
cpe:2.3:h:elecom:wrc-2533gst2:-
-
cpe:2.3:h:elecom:wrc-2533gst2sp:-
-
cpe:2.3:h:elecom:wrc-2533gst:-
-
cpe:2.3:h:elecom:wrc-2533gsta:-
-
cpe:2.3:o:elecom:edwrc-2533gst2_firmware:-
-
cpe:2.3:o:elecom:edwrc-2533gst2_firmware:1.25
-
cpe:2.3:o:elecom:wrc-1167gst2_firmware:-
-
cpe:2.3:o:elecom:wrc-1167gst2_firmware:1.10
-
cpe:2.3:o:elecom:wrc-1167gst2_firmware:1.25
-
cpe:2.3:o:elecom:wrc-1167gst2a_firmware:-
-
cpe:2.3:o:elecom:wrc-1167gst2a_firmware:1.25
-
cpe:2.3:o:elecom:wrc-1167gst2h_firmware:-
-
cpe:2.3:o:elecom:wrc-1167gst2h_firmware:1.25
-
cpe:2.3:o:elecom:wrc-1750gs_firmware:-
-
cpe:2.3:o:elecom:wrc-1750gs_firmware:1.03
-
cpe:2.3:o:elecom:wrc-1750gsv_firmware:-
-
cpe:2.3:o:elecom:wrc-1750gsv_firmware:2.11
-
cpe:2.3:o:elecom:wrc-1900gst_firmware:-
-
cpe:2.3:o:elecom:wrc-1900gst_firmware:1.03
-
cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:-
-
cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:1.00
-
cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:1.20
-
cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:1.22
-
cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:1.51
-
cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:1.52
-
cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:-
-
cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:1.00
-
cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:1.20
-
cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:1.22
-
cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:1.51
-
cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:1.52
-
cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:-
-
cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:1.25
-
cpe:2.3:o:elecom:wrc-2533gst2_firmware:-
-
cpe:2.3:o:elecom:wrc-2533gst2_firmware:1.14
-
cpe:2.3:o:elecom:wrc-2533gst2_firmware:1.25
-
cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:-
-
cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:1.25
-
cpe:2.3:o:elecom:wrc-2533gst_firmware:-
-
cpe:2.3:o:elecom:wrc-2533gst_firmware:1.03
-
cpe:2.3:o:elecom:wrc-2533gsta_firmware:-
-
cpe:2.3:o:elecom:wrc-2533gsta_firmware:1.03