CVE-2021-20649

Publication date

2021-02-12 06:15:50

Family

jpcert

State

PUBLISHED

Description

ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. Via a man-in-the-middle attack, an attacker may alter the communication response. As a result, an arbitrary OS command may be executed on the affected device.