20 matches found
EUVD-2020-26798
Malware in sbrugna...
EUVD-2020-26796
Malware in sbrugna...
CVE-2020-5636
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution...
CVE-2020-5637
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program...
CVE-2020-5636
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution...
CVE-2020-5635
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution...
CVE-2020-5637
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program...
CVE-2020-5636
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution...
CVE-2020-5635
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution...
CVE-2020-5637
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program...
Input validation
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program...
Command injection
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution...
CVE-2020-5637
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program...
CVE-2020-5637
CVE-2020-5637 affects NEC Aterm SA3500G firmware prior to Ver. 3.5.9. The root cause is improper validation of the integrity check value, enabling an attacker with administrative privileges to execute a malicious program via the device’s management interface. Other linked CVEs (CVE-2020-5635/5636...
CVE-2020-5636
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution...
CVE-2020-5635
CVE-2020-5635 affects NEC Aterm SA3500G firmware prior to ver. 3.5.9. The vulnerability allows an attacker on an adjacent network to send a crafted request to a specific URL, potentially executing arbitrary commands on the device. The identified root cause is OS command injection via the exposed ...
Multiple vulnerabilities in Aterm SA3500G
Overview Aterm SA3500G provided by NEC Corporation contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2020-5635 OS command injection CWE-78 - CVE-2020-5636 Improper Validation of Integrity Check Value CWE-354 - CVE-2020-5637 These vulnerabilities were reported by th...
JVN#55917325: Multiple vulnerabilities in Aterm SA3500G
Aterm SA3500G provided by NEC Corporation contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2020-5635 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2| AV:A/AC:L/Au:N/C:P/I:P/A:P| Base Score: 5.8 OS...
Nec Platforms Aterm SAG firmware Operating System Command Injection Vulnerability
The Nec Platforms Aterm SA3500G is an appliance from Japan's Nec Platforms that provides security for corporate intranet environments. The appliance includes features such as antivirus, firewall, intrusion detection defense, routing, and link layer support. A security vulnerability exists in the...
Nec Platforms Aterm SAG firmware Operating System Command Injection Vulnerability
The Nec Platforms Aterm SA3500G is an appliance from Japan's Nec Platforms that provides security for corporate intranet environments. The appliance includes features such as antivirus, firewall, intrusion detection defense, routing, and link layer support. A security vulnerability exists in the...