4 matches found
CVE-2020-5636
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution...
CVE-2020-5636
The CVE-2020-5636 issue affects NEC Aterm SA3500G devices with firmware versions prior to 3.5.9. A privileged administrator can send a specially crafted request to a specific URL, leading to arbitrary command execution on the device. The vulnerability is tied to the device’s management interface ...
Multiple vulnerabilities in Aterm SA3500G
Overview Aterm SA3500G provided by NEC Corporation contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2020-5635 OS command injection CWE-78 - CVE-2020-5636 Improper Validation of Integrity Check Value CWE-354 - CVE-2020-5637 These vulnerabilities were reported by th...
JVN#55917325: Multiple vulnerabilities in Aterm SA3500G
Aterm SA3500G provided by NEC Corporation contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2020-5635 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2| AV:A/AC:L/Au:N/C:P/I:P/A:P| Base Score: 5.8 OS...