var-202102-0480
Vulnerability from variot

LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors. The following multiple vulnerabilities exist in multiple products provided by Logitec Co., Ltd. -Inappropriate restriction of excessive authentication attempts (CWE-307) - CVE-2021-20635 ・ Cross-site request forgery (CWE-352) - CVE-2021-20636, CVE-2021-20641 • Improper checking or handling for exceptional situations (CWE-703) - CVE-2021-20637, CVE-2021-20642 ・ OS Command injection (CWE-78) - CVE-2021-20638 ・ OS Command injection (CWE-78) - CVE-2021-20639 ・ Buffer overflow (CWE-119) - CVE-2021-20640 CVE-2021-20635 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Kanagawa Institute of Technology Minegishi Takaaki Mr. Okamoto Tsuyoshi Mr CVE-2021-20636, CVE-2021-20637, CVE-2021-20642 These vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : LAC Co., Ltd. Shuto Kono Mr CVE-2021-20638, CVE-2021-20639, CVE-2021-20640 These vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Mitsui Bussan Secure Direction Co., Ltd. Tsukamoto Taizo Mr CVE-2021-20641 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : LAC Co., Ltd. Shuto Kono Mr. Techmatrix Corporation Atsuo Sakurai MrThe expected impact depends on each vulnerability, but it may be affected as follows. ・ Wireless of the corresponding device LAN By a third party within reach PIN Is decrypted and the network provided by the device is accessed. - CVE-2021-20635 ・ Of the product Web The user logged in to the admin page has been crafted URL You can unintentionally change the settings of the product by accessing - CVE-2021-20636, CVE-2021-20641 ・ Of the product Web The user logged in to the admin page has been crafted URL Interfering with service operations by accessing (DoS) Be attacked - CVE-2021-20637, CVE-2021-20642 ・ Of the product Web Arbitrary by an attacker with access to the admin page OS Command is executed - CVE-2021-20638, CVE-2021-20639, CVE-2021-20640. LOGITEC CORPORATION LAN-W300N/PGRB is a wireless router device.

LOGITEC CORPORATION LAN-W300N/PGRB has an operating system command injection vulnerability

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0480",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "lan-w300n\\/pgrb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "logitech",
        "version": null
      },
      {
        "model": "lan-w300n/pgrb",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "logitec",
        "version": "(cve-2021-20638, cve-2021-20639, cve-2021-20640)"
      },
      {
        "model": "lan-w300n/pr5b",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "logitec",
        "version": "(cve-2021-20636, cve-2021-20637)"
      },
      {
        "model": "lan-w300n/rs",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "logitec",
        "version": "(cve-2021-20641, cve-2021-20642)"
      },
      {
        "model": "lan-wh450n/gr",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "logitec",
        "version": "(cve-2021-20635)"
      },
      {
        "model": "lan-w300n/pgrb",
        "scope": null,
        "trust": 0.6,
        "vendor": "logitec",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20639"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:logitech:lan-w300n\\/pgrb_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:logitech:lan-w300n\\/pgrb:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-20639"
      }
    ]
  },
  "cve": "CVE-2021-20639",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Adjacent Network",
            "authentication": "Single",
            "author": "IPA",
            "availabilityImpact": "Partial",
            "baseScore": 5.2,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-000010",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 2.4,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 5.1,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Adjacent Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 3.3,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-000010",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 4.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-000010",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Partial",
            "baseScore": 2.6,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-000010",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 5.1,
            "id": "CNVD-2021-58249",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 5.1,
            "id": "CVE-2021-20639",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "IPA",
            "availabilityImpact": "High",
            "baseScore": 6.8,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-000010",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 2.4,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-000010",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-000010",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "IPA",
            "availabilityImpact": "Low",
            "baseScore": 4.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-000010",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "IPA",
            "id": "JVNDB-2021-000010",
            "trust": 4.8,
            "value": "Medium"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-20639",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-58249",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202101-2383",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-20639",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20639"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20639"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2383"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors. The following multiple vulnerabilities exist in multiple products provided by Logitec Co., Ltd. -Inappropriate restriction of excessive authentication attempts (CWE-307) - CVE-2021-20635 \u30fb Cross-site request forgery (CWE-352) - CVE-2021-20636, CVE-2021-20641 \u2022 Improper checking or handling for exceptional situations (CWE-703) - CVE-2021-20637, CVE-2021-20642 \u30fb OS Command injection (CWE-78) - CVE-2021-20638 \u30fb OS Command injection (CWE-78) - CVE-2021-20639 \u30fb Buffer overflow (CWE-119) - CVE-2021-20640 CVE-2021-20635 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Kanagawa Institute of Technology Minegishi Takaaki Mr. Okamoto Tsuyoshi Mr CVE-2021-20636, CVE-2021-20637, CVE-2021-20642 These vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : LAC Co., Ltd. Shuto Kono Mr CVE-2021-20638, CVE-2021-20639, CVE-2021-20640 These vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Mitsui Bussan Secure Direction Co., Ltd. Tsukamoto Taizo Mr CVE-2021-20641 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : LAC Co., Ltd. Shuto Kono Mr. Techmatrix Corporation Atsuo Sakurai MrThe expected impact depends on each vulnerability, but it may be affected as follows. \u30fb Wireless of the corresponding device LAN By a third party within reach PIN Is decrypted and the network provided by the device is accessed. - CVE-2021-20635 \u30fb Of the product Web The user logged in to the admin page has been crafted URL You can unintentionally change the settings of the product by accessing - CVE-2021-20636, CVE-2021-20641 \u30fb Of the product Web The user logged in to the admin page has been crafted URL Interfering with service operations by accessing (DoS) Be attacked - CVE-2021-20637, CVE-2021-20642 \u30fb Of the product Web Arbitrary by an attacker with access to the admin page OS Command is executed - CVE-2021-20638, CVE-2021-20639, CVE-2021-20640. LOGITEC CORPORATION LAN-W300N/PGRB is a wireless router device. \n\r\n\r\nLOGITEC CORPORATION LAN-W300N/PGRB has an operating system command injection vulnerability",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-20639"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20639"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-20639",
        "trust": 3.1
      },
      {
        "db": "JVN",
        "id": "JVN96783542",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010",
        "trust": 1.4
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2383",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20639",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20639"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20639"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2383"
      }
    ]
  },
  "id": "VAR-202102-0480",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      }
    ],
    "trust": 1.0756944499999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:27:01.766000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "\u7121\u7ddaLAN\u30eb\u30fc\u30bf\u30fc\u306a\u3069\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u88fd\u54c1\u306e\u4e00\u90e8\u306b\u304a\u3051\u308b\u8106\u5f31\u6027\u306b\u95a2\u3057\u3066",
        "trust": 0.8,
        "url": "https://www.elecom.co.jp/news/security/20210126-01/"
      },
      {
        "title": "Patch for LOGITEC CORPORATION LAN-W300N/PGRB operating system command injection vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/283986"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.8
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-352",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-287",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20639"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://www.elecom.co.jp/news/security/20210126-01/"
      },
      {
        "trust": 1.7,
        "url": "https://jvn.jp/en/jp/jvn96783542/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20641"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20642"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20635"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20636"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20637"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20638"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20639"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20640"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/jp/jvn96783542/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://jvndb.jvn.jp/en/contents/2021/jvndb-2021-000010.html"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-20639"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/78.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20639"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20639"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2383"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-20639"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-20639"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2383"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-08-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "date": "2021-02-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-20639"
      },
      {
        "date": "2021-01-26T03:17:11",
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "date": "2021-02-12T07:15:14.733000",
        "db": "NVD",
        "id": "CVE-2021-20639"
      },
      {
        "date": "2021-01-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202101-2383"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-08-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "date": "2021-02-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-20639"
      },
      {
        "date": "2021-01-26T03:17:11",
        "db": "JVNDB",
        "id": "JVNDB-2021-000010"
      },
      {
        "date": "2022-02-10T19:47:51.777000",
        "db": "NVD",
        "id": "CVE-2021-20639"
      },
      {
        "date": "2021-02-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202101-2383"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2383"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "LOGITEC CORPORATION LAN-W300N/PGRB operating system command injection vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-58249"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2383"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "operating system commend injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2383"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.