2 matches found
JVN#38248512: Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2
Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2 provided by NEC Corporation contain multiple vulnerabilities listed below. Aterm WF800HP: Cross-site Scripting CWE-79 - CVE-2021-20620 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS...
CVE-2017-12575
CVE-2017-12575 affects NEC Aterm WG2600HP2 (and related WG2600HP variants). Connected sources describe an improper access control issue where web service APIs for the device configuration do not require authentication, allowing an attacker to retrieve sensitive data (e.g., DHCP clients, firmware ...