Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-XWCC-427V-VM78
Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-06-29 00:00
VLAI?
Details
Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UN552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V964Q R2.000 and prior to it, C961Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it) allows an attacker to obtain root privileges and execute remote code by sending unintended parameters that contain specific characters in http request.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2021-20698"
],
"database_specific": {
"cwe_ids": [
"CWE-77"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-07T14:15:00Z",
"severity": "CRITICAL"
},
"details": "Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UN552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V964Q R2.000 and prior to it, C961Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it) allows an attacker to obtain root privileges and execute remote code by sending unintended parameters that contain specific characters in http request.",
"id": "GHSA-xwcc-427v-vm78",
"modified": "2022-06-29T00:00:41Z",
"published": "2022-05-24T19:04:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20698"
},
{
"type": "WEB",
"url": "https://www.sharp-nec-displays.com/global/support/info/A5-1_vulnerability.html"
},
{
"type": "WEB",
"url": "http://jvn.jp/en/jp/JVN42866574/index.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CVE-2021-20698 (GCVE-0-2021-20698)
Vulnerability from cvelistv5 – Published: 2021-06-07 13:25 – Updated: 2025-12-08 15:51
VLAI?
EPSS
Summary
Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UX552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V984Q R2.000 and prior to it, C981Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it, P404 R3.200 and prior to it, P484 R3.200 and prior to it, P554 R3.200 and prior to it, V404 R3.200 and prior to it, V484 R3.200 and prior to it, V554 R3.200 and prior to it, V404-T R3.200 and prior to it, V484-T R3.200 and prior to it, V554-T R3.200 and prior to it, C501 R2.000 and prior to it, C551 R2.000 and prior to it, C431 R2.000 and prior to it) allows an attacker to obtain root privileges and execute remote code by sending unintended parameters that contain specific characters in http request.
Severity ?
No CVSS data available.
CWE
- Improper certificate validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sharp Display Solutions, Ltd. | UN462A |
Affected:
0 , ≤ R1.300
(custom)
|
||
|
|
||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:51:45.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sharp-nec-displays.com/global/support/info/A5-1_vulnerability.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UN462A",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UN462VA",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UN492S",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UN492VS",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UN552A",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UN552S",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UN552VS",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UN552",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UN552V",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UX552S",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "UX552",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R1.300",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V864Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "C861Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "P754Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V754Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "C751Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V984Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "C981Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "P654Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V654Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "C651Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V554Q",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "C501",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "C551",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "C431",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R2.000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "P404",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R3.201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "P484",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R3.201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "P554",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R3.201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V404",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R3.201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V484",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R3.201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V554",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R3.201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V404-T",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R3.201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V484-T",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R3.201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "V554-T",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThanOrEqual": "R3.201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UX552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V984Q R2.000 and prior to it, C981Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it, P404 R3.200 and prior to it, P484 R3.200 and prior to it, P554 R3.200 and prior to it, V404 R3.200 and prior to it, V484 R3.200 and prior to it, V554 R3.200 and prior to it, V404-T R3.200 and prior to it, V484-T R3.200 and prior to it, V554-T R3.200 and prior to it, C501 R2.000 and prior to it, C551 R2.000 and prior to it, C431 R2.000 and prior to it) allows an attacker to obtain root privileges and execute remote code by sending unintended parameters that contain specific characters in http request.\u003c/p\u003e"
}
],
"value": "Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UX552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V984Q R2.000 and prior to it, C981Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it, P404 R3.200 and prior to it, P484 R3.200 and prior to it, P554 R3.200 and prior to it, V404 R3.200 and prior to it, V484 R3.200 and prior to it, V554 R3.200 and prior to it, V404-T R3.200 and prior to it, V484-T R3.200 and prior to it, V554-T R3.200 and prior to it, C501 R2.000 and prior to it, C551 R2.000 and prior to it, C431 R2.000 and prior to it) allows an attacker to obtain root privileges and execute remote code by sending unintended parameters that contain specific characters in http request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper certificate validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-08T15:51:59.123Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sharp-nec-displays.com/global/support/info/A5-1_vulnerability.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2021-20698",
"datePublished": "2021-06-07T13:25:26.000Z",
"dateReserved": "2020-12-17T00:00:00.000Z",
"dateUpdated": "2025-12-08T15:51:59.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…