2 matches found
CVE-2018-0629
Aterm W300P (NEC) firmware Ver1.0.13 and earlier is affected by CVE-2018-0629. The vulnerability is an OS command injection (CWE-78) in the device’s HTTP handling that allows an administrator-level attacker to execute arbitrary commands on the OS via HTTP requests/responses. The impact is elevate...
JVN#26629618: Multiple vulnerabilities in Aterm W300P
Aterm W300P provided by NEC Corporation contains multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2018-0629, CVE-2018-0630, CVE-2018-0631 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H| Base Score: 6.8 CVSS v2|...