CVE-2024-50357

🗓️ 29 Nov 2024 09:06:56Reported by jpcertType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 86 Views

FutureNet NXR series routers by Century Systems Co., Ltd. have a security issue where REST-APIs are unexpectedly enabled, allowing attackers to alter settings

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the application software interface for FutureNet NXR routers allows a perpetrator to gain unauthorized access to vulnerable routers.	14 Nov 202400:00	–	bdu_fstec
Circl	CVE-2024-50357	29 Nov 202409:16	–	circl
CNNVD	Century Systems FutureNet NXR 安全漏洞	31 Oct 202400:00	–	cnnvd
Cvelist	CVE-2024-50357	29 Nov 202409:06	–	cvelist
EUVD	EUVD-2024-45180	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers	1 Nov 202404:49	–	jvn
NVD	CVE-2024-50357	29 Nov 202410:15	–	nvd
Positive Technologies	PT-2024-7891 · Futurenet · Futurenet Nxr Series Routers	31 Oct 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-50357	5 Feb 202506:42	–	redhatcve
The Hacker News	THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1)	2 Dec 202411:14	–	thn

Vulners

Vulnrichment

Node

century_systems_co.,_ltd.futurenet_nxr-g110_seriesMatch21.15.7

century_systems_co.,_ltd.futurenet_nxr-g110_seriesRange<21.15.9

century_systems_co.,_ltd.futurenet_nxr-g060_seriesRange<21.15.6C1

century_systems_co.,_ltd.futurenet_nxr-g050_seriesMatch21.12.5

century_systems_co.,_ltd.futurenet_nxr-g050_seriesRange<21.12.11

[
  {
    "vendor": "Century Systems Co., Ltd.",
    "product": "FutureNet NXR-G110 series",
    "versions": [
      {
        "version": "firmware versions 21.15.7 and later but prior to 21.15.9",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Century Systems Co., Ltd.",
    "product": "FutureNet NXR-G060 series",
    "versions": [
      {
        "version": "firmware versions prior to 21.15.6C1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Century Systems Co., Ltd.",
    "product": "FutureNet NXR-G050 series",
    "versions": [
      {
        "version": "firmware versions 21.12.5 and later but prior to 21.12.11",
        "status": "affected"
      }
    ]
  }
]

Source	Link
centurysys	www.centurysys.co.jp/backnumber/nxr_common/20241031-01.html
jvn	www.jvn.jp/en/vu/JVNVU95001899/

17 Jun 2026 08:04Current

7.4High risk

Vulners AI Score7.4

CVSS 39.8

EPSS0.00556

SSVC

CWE-684

futurenet nxr series century systems co.ltd.rest-apis security issue attackers settings.