← Back

CVE-2021-37386

nvd nist
Published: Jul 17, 2023Modified: Jun 17, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H
Exploitability: 1.7 / Impact: 5.3
Source: NVD

Description

Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function.

Affected (4)

Furukawa
4 products
423 41w/ac Firmware
Ld421 21w Firmware
Ld420 10r Firmware
Ld421 21wv Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
423 41w/ac Firmware
Before 1.2.0
Running on/withPlatform Versions
Furukawa
423 41w/ac
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ld421 21w Firmware
Before 1.5.0
Running on/withPlatform Versions
Furukawa
Ld421 21w
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ld420 10r Firmware
Before 1.4.0
Running on/withPlatform Versions
Furukawa
Ld420 10r
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ld421 21wv Firmware
Before 1.5.0
Running on/withPlatform Versions
Furukawa
Ld421 21wv
All versions

Related CWEs

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (8)

Source: cve@mitre.org
Not Applicable
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Not Applicable
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.