4 matches found
CVE-2020-5635
CVE-2020-5635 affects NEC Aterm SA3500G firmware prior to ver. 3.5.9. The vulnerability allows an attacker on an adjacent network to send a crafted request to a specific URL, potentially executing arbitrary commands on the device. The identified root cause is OS command injection via the exposed ...
CVE-2020-5635
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution...
Multiple vulnerabilities in Aterm SA3500G
Overview Aterm SA3500G provided by NEC Corporation contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2020-5635 OS command injection CWE-78 - CVE-2020-5636 Improper Validation of Integrity Check Value CWE-354 - CVE-2020-5637 These vulnerabilities were reported by th...
JVN#55917325: Multiple vulnerabilities in Aterm SA3500G
Aterm SA3500G provided by NEC Corporation contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2020-5635 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2| AV:A/AC:L/Au:N/C:P/I:P/A:P| Base Score: 5.8 OS...