18 matches found
CVE-2024-28006
CVE-2024-28006 affects NEC Aterm series (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP, W1200EX(-MS), WG1200HS, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N,...
CVE-2024-28012
Summary: CVE-2024-28012 affects NEC Aterm series (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1810HP, WRkleh, etc.). The issue is described as an improper authentication vulnerability that enables an attacker to execute an arbitrary command with root privileges over the internet. What’s a...
CVE-2024-28010
CVE-2024-28010 affects NEC Aterm series devices (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, etc.). Root cause: use of hard-coded passwords in the device firmware, enabling an unauthenticated or weak-credential scenario that could permit an attacker to execute arbitrary OS comman...
CVE-2024-28005
CVE-2024-28005 affects NEC Aterm family (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WR8165N, WM3400RN, WG1810HP, and many others listed in sources). The root cause is an Incorrect Permission Assignment for a Critical Resource (CWE-732) that, when combined with high privileges, allows an attacker to e...
CVE-2024-28009
CVE-2024-28009 affects NEC Aterm router series (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, W1200EX-MS, WG1200HS/HP, WF300HP2, WR8165N, WG1810HP, MR01LN/MR02LN, WM3400RN, WR8400N, etc.). The issue is an improper authentication vulnerability that enables an attacker to ...
CVE-2024-28011
CVE-2024-28011 affects NEC Aterm series (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, W1200EX, WG1200HS/HP, WF300HP2, W300P, WR... etc. All versions allow an attacker to execute an arbitrary OS command with root privileges over the internet. Connected sources confirm a ...
CVE-2024-28014
Summary: CVE-2024-28014 is a stack-based buffer overflow in NEC Aterm devices (multiple WG/WR/WG18xx/WM/WF/others) that enables an attacker to execute arbitrary commands over the internet. Red Hat and JVN entries corroborate the vulnerability across many NEC Aterm model lines, including WG1800HP4...
CVE-2024-28016
CVE-2024-28016 concerns an Improper Access Control in NEC Aterm devices (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1200HS2, WG1900HP, W1200EX, WG1800HP4, WG1810HP, WR8200N, WM3800R, etc.). The root cause (as described in Red Hat, NVD, CVE lists) is exposure of device information to the ...
CVE-2024-28015
OS Command Injection (CWE-78) affecting NEC Aterm router series (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, WR8165N, WG1800HP4, WG1810HP(JE/MF), WM3400RN, CR2500P, MR01LN/MR02LN, etc.) allows an attacker to execute arbitrary commands with root pr...
CVE-2024-28013
CVE-2024-28013 concerns NEC Aterm devices (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP2, WG1200HS, WG1800HP, W1200EX-MS, CR2500P, WR8200N, WM3800R, WG1810HP, MR01LN, MR02LN, and many other WG/WG/WF/WR/WL models) where the vulnerability stems from Use of Insufficiently Random Values. The issue...
CVE-2024-28008
CVE-2024-28008 affects NEC Aterm routers (multiple models listed, incl. WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, etc.). Root cause: Active Debug Code in the device allows an attacker to execute arbitrary OS commands via the internet. Impact: unauthenticated remote command execution with high r...
CVE-2024-28007
The CVE-2024-28007 entry describes an improper authentication vulnerability in NEC Aterm devices (multiple WG/WR/WF/WM/WG series, including WG1800HP4, WG1200HS3, WG1900HP2, etc.) that enables an unauthenticated attacker to execute arbitrary commands with root privileges over the Internet. Connect...
CVE-2021-20680
CVE-2021-20680 is a cross-site scripting vulnerability in NEC Aterm devices. The issue affects multiple models and firmware versions (e.g., WG1900HP2/WG1900HP, WG1800HP4/3, WG1200HS2/HP3/HP2, W1200EX/EX-MS, WG1200HS/HP, WF800HP, WF300HP2, WR8165N, W500P, W300P, and others) and allows remote attac...
CVE-2018-0632
CVE-2018-0632 is a Buffer Overflow affecting NEC Aterm W300P firmware v1.0.13 and earlier. An attacker with administrative rights could execute arbitrary code via HTTP requests/responses. Multiple connected sources (CNVD-2019-01105, JVN entries, and CVE listings) corroborate that the vulnerabilit...
CVE-2018-0629
Aterm W300P (NEC) firmware Ver1.0.13 and earlier is affected by CVE-2018-0629. The vulnerability is an OS command injection (CWE-78) in the device’s HTTP handling that allows an administrator-level attacker to execute arbitrary commands on the OS via HTTP requests/responses. The impact is elevate...
CVE-2018-0633
CVE-2018-0633 concerns NEC Aterm W300P wireless router. The issue is a buffer overflow in the device’s handling of the submit-url parameter in Ver1.0.13 and earlier, which can allow an attacker with administrative privileges to execute arbitrary code. Affected product: Aterm W300P (NEC). Root cau...
CVE-2018-0630
The CVE-2018-0630 issue affects NEC Aterm W300P routers (firmware Ver1.0.13 and earlier). A command-injection flaw exists in the sysCmd parameter that allows an authenticated administrator to execute arbitrary OS commands on the device. Impact is elevated due to administrative access required; ex...
CVE-2018-0631
CVE-2018-0631 affects the NEC Aterm W300P router (firmware version: Ver1.0.13 and earlier). The vulnerability allows an attacker with administrative privileges to execute arbitrary operating system commands via the targetAPSsid parameter. Underlying issue is a command injection flaw in the device...