Vulnerability Description
Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Furukawa | 423-41W\/Ac Firmware | < 1.2.0 |
| Furukawa | 423-41W\/Ac | - |
| Furukawa | Ld421-21W Firmware | < 1.5.0 |
| Furukawa | Ld421-21W | - |
| Furukawa | Ld420-10R Firmware | < 1.4.0 |
| Furukawa | Ld420-10R | - |
| Furukawa | Ld421-21Wv Firmware | < 1.5.0 |
| Furukawa | Ld421-21Wv | - |
Related Weaknesses (CWE)
References
- https://cwe.mitre.org/data/definitions/79.htmlNot Applicable
- https://gist.githubusercontent.com/LuigiPolidorio/ec78daac7c3d97966f2e3703ca5d16Third Party Advisory
- https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_ApplicatioNot Applicable
- https://www.softwall.com.br/cves/publicacao-rce-html-injection-furukawa/
- https://cwe.mitre.org/data/definitions/79.htmlNot Applicable
- https://gist.githubusercontent.com/LuigiPolidorio/ec78daac7c3d97966f2e3703ca5d16Third Party Advisory
- https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_ApplicatioNot Applicable
- https://www.softwall.com.br/cves/publicacao-rce-html-injection-furukawa/
FAQ
What is CVE-2021-37386?
CVE-2021-37386 is a vulnerability with a CVSS score of 7.5 (HIGH). Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function.
How severe is CVE-2021-37386?
CVE-2021-37386 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-37386?
Check the references section above for vendor advisories and patch information. Affected products include: Furukawa 423-41W\/Ac Firmware, Furukawa 423-41W\/Ac, Furukawa Ld421-21W Firmware, Furukawa Ld421-21W, Furukawa Ld420-10R Firmware.