Century Systems FutureNet AS series 安全漏洞

Century Systems FutureNet AS series is a series of industrial routers from Century Systems, Japan. A security vulnerability exists in the Century Systems FutureNet AS series that stems from an authentication bypass that could allow a remote, unauthenticated attacker to gain access to device...

Century Systems FutureNet AS series和Century Systems FutureNet FA series 安全漏洞

Century Systems FutureNet AS series and Century Systems FutureNet FA series are both products of Century Systems Japan.Century Systems FutureNet AS series is a series of industrial routers. Century Systems FutureNet AS series is a series of industrial routers. Century Systems FutureNet FA series ...

CVE-2024-50357

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...

CVE-2024-50357

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...

CVE-2024-50357

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...

CVE-2024-50357

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...

CVE-2024-50357

CVE-2024-50357 affects FutureNet NXR series routers from Century Systems. The issue arises because REST-APIs are unintentionally enabled on startup when http-server (GUI) or Web authentication is enabled, even though REST-APIs are disabled by default. The factory default enables http-server (GUI)...

The vulnerability of the application software interface for FutureNet NXR routers allows a perpetrator to gain unauthorized access to vulnerable routers.

The vulnerability of the application software interface for FutureNet NXR routers lies in errors in representing certain functions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the vulnerable router...

REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers

Overview FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web...

Century Systems FutureNet NXR 安全漏洞

Century Systems FutureNet NXR is a series of routers from Century Systems, Japan. A security vulnerability exists in Century Systems FutureNet NXR, which arises from an initial configuration where REST-APIs are accidentally enabled during device startup, which could allow an attacker to gain acce...

PT-2024-7891 · Futurenet · Futurenet Nxr Series Routers

Name of the Vulnerable Software and Affected Versions: FutureNet NXR series routers affected versions not specified Description: The issue concerns the unexpected enabling of REST-APIs in the initial configuration of FutureNet NXR series routers, provided that either http-server GUI or Web...

The vulnerability of the Telnet service of the microprogramming software for routers such as FutureNet NXR, FutureNet VXR, and FutureNet WXR allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Telnet service provided by the microprogramming software for FutureNet NXR, FutureNet VXR, and FutureNet WXR is related to insecure resource initialization. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality,...

CVE-2024-36475

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed...

CVE-2024-36475

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed...

CVE-2024-36491

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service DoS condition...

CVE-2024-31070

Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...

CVE-2024-31070

Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly...

CVE-2024-36491

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service DoS condition...

CVE-2024-36491

CVE-2024-36491 affects FutureNet NXR/VXR/WXR series by Century Systems Co., Ltd. An administrative user can execute arbitrary OS commands, access/alter sensitive data, and trigger DoS. Public sources corroborate OS command injection (CWE-78) as the vulnerability class. Affected components are CLI...

CVE-2024-36491

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service DoS condition...