Search criteria
65 vulnerabilities
CVE-2026-8652 (GCVE-0-2026-8652)
Vulnerability from cvelistv5 – Published: 2026-05-25 02:23 – Updated: 2026-05-25 02:40
VLAI
Summary
An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network.
Severity
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Platforms, Ltd. | Aterm MR51FN |
Affected:
Before Ver. 3.4.0
|
|
| NEC Platforms, Ltd. | Aterm CM51FD |
Affected:
Before Ver. 1.2.0
|
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Aterm MR51FN",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 3.4.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm CM51FD",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sou Katou of Mitsui \u0026 Co. Secure Direction, Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product\u2019s web console, they may be able to execute arbitrary OS commands via adjacent network."
}
],
"value": "An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product\u2019s web console, they may be able to execute arbitrary OS commands via adjacent network."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T02:40:41.776Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv26-003_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2026-8652",
"datePublished": "2026-05-25T02:23:26.442Z",
"dateReserved": "2026-05-15T04:57:29.637Z",
"dateUpdated": "2026-05-25T02:40:41.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6059 (GCVE-0-2026-6059)
Vulnerability from cvelistv5 – Published: 2026-05-25 02:22 – Updated: 2026-05-25 02:41
VLAI
Summary
A cross-site scripting vulnerability exists in Aterm. Arbitrary scripts may be executed in the web browser of a user accessing the web management interface via adjacent network.
Severity
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Platforms, Ltd. | Aterm WX1800HP |
Affected:
Before Ver. 3.2.2
|
|
| NEC Platforms, Ltd. | Aterm WX5400HP |
Affected:
Before Ver. 2.1.0
|
|
| NEC Platforms, Ltd. | Aterm WX7800T8 |
Affected:
Before Ver. 1.5.1
|
|
| NEC Platforms, Ltd. | Aterm WX11000T12 |
Affected:
Before Ver. 1.4.0
|
|
| NEC Platforms, Ltd. | Aterm WX3000HP2 |
Affected:
Before Ver. 1.3.2
|
|
| NEC Platforms, Ltd. | Aterm WX4200D5 |
Affected:
Before Ver. 1.3.5
|
|
| NEC Platforms, Ltd. | Aterm GX621A1 |
Affected:
Before Ver. 3.2.2
|
|
| NEC Platforms, Ltd. | Aterm SH621A1 |
Affected:
Before Ver. 3.2.2
|
|
| NEC Platforms, Ltd. | Aterm 19000T12BE |
Affected:
Before Ver. 1.1.0
|
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Aterm WX1800HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 3.2.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX5400HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 2.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX7800T8",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.5.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX11000T12",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX3000HP2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX4200D5",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.5"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm GX621A1",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 3.2.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm SH621A1",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 3.2.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm 19000T12BE",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Noriaki Iwasaki of Cyber Defense Institute, Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cross-site scripting vulnerability exists in Aterm. Arbitrary scripts may be executed in the web browser of a user accessing the web management interface via adjacent network."
}
],
"value": "A cross-site scripting vulnerability exists in Aterm. Arbitrary scripts may be executed in the web browser of a user accessing the web management interface via adjacent network."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T02:41:19.695Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv26-002_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2026-6059",
"datePublished": "2026-05-25T02:22:29.809Z",
"dateReserved": "2026-04-10T01:20:30.411Z",
"dateUpdated": "2026-05-25T02:41:19.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4620 (GCVE-0-2026-4620)
Vulnerability from cvelistv5 – Published: 2026-03-27 11:53 – Updated: 2026-04-10 04:13
VLAI
Summary
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.
Severity
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Platforms, Ltd. | Aterm WX1500HP |
Affected:
Before Ver. 1.4.2
|
|
| NEC Platforms, Ltd. | Aterm WX3600HP |
Affected:
Before Ver. 1.4.2
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-27T12:44:33.997346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T12:48:31.407Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Aterm WX1500HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX3600HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Chuya Hayakawa of Zero Zero One Co., Ltd."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network."
}
],
"value": "OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T04:13:14.137Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv26-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2026-4620",
"datePublished": "2026-03-27T11:53:41.863Z",
"dateReserved": "2026-03-23T06:04:47.524Z",
"dateUpdated": "2026-04-10T04:13:14.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4622 (GCVE-0-2026-4622)
Vulnerability from cvelistv5 – Published: 2026-03-27 11:53 – Updated: 2026-04-10 04:14
VLAI
Summary
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.
Severity
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Platforms, Ltd. | Aterm WG2600HS |
Affected:
Before Ver. 1.7.2
|
|
| NEC Platforms, Ltd. | Aterm WF1200CR |
Affected:
Before Ver. 1.6.0
|
|
| NEC Platforms, Ltd. | Aterm WG1200CR |
Affected:
Before Ver. 1.5.0
|
|
| NEC Platforms, Ltd. | Aterm WG2600HP4 |
Affected:
Before Ver. 1.4.2
|
|
| NEC Platforms, Ltd. | Aterm WG2600HM4 |
Affected:
Before Ver. 1.4.2
|
|
| NEC Platforms, Ltd. | Aterm WG2600HS2 |
Affected:
Before Ver. 1.3.2
|
|
| NEC Platforms, Ltd. | Aterm WX3000HP |
Affected:
Before Ver. 2.5.0
|
|
| NEC Platforms, Ltd. | Aterm WX3000HP2 |
Affected:
Before Ver. 1.3.2
|
|
| NEC Platforms, Ltd. | Aterm GB1200PE |
Affected:
Before Ver. 1.3.1
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-27T12:50:35.148912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T12:53:16.253Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HS",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WF1200CR",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.6.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200CR",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HP4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HM4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HS2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX3000HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 2.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX3000HP2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm GB1200PE",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Chuya Hayakawa of Zero Zero One Co., Ltd."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network."
}
],
"value": "OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T04:14:44.673Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv26-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2026-4622",
"datePublished": "2026-03-27T11:53:12.245Z",
"dateReserved": "2026-03-23T06:04:49.866Z",
"dateUpdated": "2026-04-10T04:14:44.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4621 (GCVE-0-2026-4621)
Vulnerability from cvelistv5 – Published: 2026-03-27 11:52 – Updated: 2026-04-10 04:13
VLAI
Summary
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network.
Severity
CWE
- CWE-912 - Hidden Functionality
Assigner
References
1 reference
Impacted products
25 products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4621",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-27T12:57:21.304368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T12:57:32.214Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Aterm W1200EX(-MS)",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HP2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1900HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HS2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1800HP3",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HP3",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1900HP2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HS3",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1800HP4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HP4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HS4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX1500HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HS",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WF1200CR",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.6.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200CR",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HP4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HM4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HS2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX3000HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 2.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX3000HP2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX3600HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm GX1200HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm GX1200HS4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200DM4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm GB1200PE",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Chuya Hayakawa of Zero Zero One Co., Ltd."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network."
}
],
"value": "Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-912",
"description": "CWE-912: Hidden Functionality",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T04:13:59.147Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv26-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2026-4621",
"datePublished": "2026-03-27T11:52:48.222Z",
"dateReserved": "2026-03-23T06:04:48.670Z",
"dateUpdated": "2026-04-10T04:13:59.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4619 (GCVE-0-2026-4619)
Vulnerability from cvelistv5 – Published: 2026-03-27 11:46 – Updated: 2026-04-10 04:12
VLAI
Summary
Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network.
Severity
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Platforms, Ltd. | Aterm WX3600HP |
Affected:
Before Ver. 1.5.3
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4619",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-27T11:59:45.121746Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T11:59:56.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Aterm WX3600HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.5.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Chuya Hayakawa of Zero Zero One Co., Ltd."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network."
}
],
"value": "Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T04:12:05.787Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv26-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2026-4619",
"datePublished": "2026-03-27T11:46:54.450Z",
"dateReserved": "2026-03-23T06:04:46.181Z",
"dateUpdated": "2026-04-10T04:12:05.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4309 (GCVE-0-2026-4309)
Vulnerability from cvelistv5 – Published: 2026-03-27 11:46 – Updated: 2026-04-10 04:10
VLAI
Summary
Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network.
Severity
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
24 products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4309",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-27T12:00:30.434329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T12:15:32.249Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Aterm W1200EX(-MS)",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HP2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1900HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HS2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1800HP3",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HP3",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1900HP2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HS3",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1800HP4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HP4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200HS4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX1500HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HS",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WF1200CR",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.6.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200CR",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HP4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HM4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.4.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HS2",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX3000HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 2.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WX3600HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.5.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm GX1200HP",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm GX1200HS4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm WG1200DM4",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Aterm GB1200PE",
"vendor": "NEC Platforms, Ltd.",
"versions": [
{
"status": "affected",
"version": "Before Ver. 1.3.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network."
}
],
"value": "Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T04:10:43.726Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv26-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2026-4309",
"datePublished": "2026-03-27T11:46:26.310Z",
"dateReserved": "2026-03-17T01:53:09.153Z",
"dateUpdated": "2026-04-10T04:10:43.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11545 (GCVE-0-2025-11545)
Vulnerability from cvelistv5 – Published: 2025-12-22 05:18 – Updated: 2025-12-22 14:32
VLAI
Summary
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sharp Display Solutions projectors allows a attacker may improperly access the HTTP server and execute arbitrary actions.
Severity
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
1 reference
Impacted products
4 products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T14:32:50.907626Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T14:32:57.020Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NP-PA1705UL-W, NP-PA1705UL-W+, NP-PA1705UL-B, NP-PA1705UL-B+, NP-PA1505UL-W, NP-PA1505UL-W+, NP-PA1505UL-B, NP-PA1505UL-B+, NP-PA1505UL-BJL NP-PV800UL-W, NP-PV800UL-W+, NP-PV800UL-B, NP-PV800UL-B+, NP-PV710UL-W, NP-PV710UL-W+, NP-PV710UL-B, NP-PV710UL-B+, NP-PV800UL-W1, NP-PV800UL-B1, NP-PV710UL-W1, NP-PV710UL-B1, NP-PV800UL-B1G, NP-PV710UL-B1G, NP-PV800UL-WH, NP-PV710UL-WH, NP-P627UL, NP-P627ULG, NP-P627UL+, NP-P547UL, NP-P547ULG, NP-P607UL+, NP-CG6600UL, NP-H6271UL, NP-H5471UL, NP-P627ULH, NP-P547ULH NP-PV710UL+ NP-PA1004UL-W, NP-PA1004UL-WG, NP-PA1004UL-W+, NP-PA1004UL-WH, NP-PA1004UL-B, NP-PA1004UL-BG, NP-PA1004UL-B+, NP-PA804UL-W, NP-PA804UL-WG, NP-PA804UL-W+, NP-PA804UL-WH, NP-PA804UL-B, NP-PA804UL-BG, NP-PA804UL-B+, NP-PA1004UL-BH, NP-PA804UL-BH, NP-PE455UL, NP-PE455ULG, NP-PE455WL, NP-PE455WLG, NP-PE505XLG, NP-CG6500XL, NP-CG6400UL, NP-CG6400WL, NP-CB4500XL, NP-CA4120X, NP-CA4160W, NP-CA4160X, NP-CA4200U, NP-CA4200W, NP-CA4202W, NP-CA4260X, NP-CA4300X, NP-CA4355X, NP-CD2100U, NP-CD2120X, NP-CD2300X, NP-CR2100X, NP-CR2170W, NP-CR2170X, NP-CR2200U, NP-CR2200W, NP-CR2280X, NP-CR2310X, NP-CR2350X, NP-MC302XG, NP-MC332WG, NP-MC342XG, NP-MC372X, NP-MC372XG, NP-MC382W, NP-MC382WG, NP-MC422XG, NP-ME342UG, NP-ME372W, NP-ME372WG, NP-ME382U, NP-ME382UG, NP-ME402X, NP-ME402XG NP-CU4300XD, NP-CU4200XD, NP-CU4200WD, NP-UM383WL, NP-UM383WLG, NP-CJ2200WD, NP-PH3501QL, NP-PH3501QL+, NP-PH2601QL, NP-PH2601QL+, NP-PH350Q40L, NP-PH260Q30L, NP-PX1005QL-W, NP-PX1005QL-B, NP-PX1005QL-B+, NP-P525UL, NP-P525ULG, NP-P525UL+, NP-P525WL, NP-P525WLG, NP-P525WL+, NP-P605UL, NP-P605ULG, NP-P605UL+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "NP-CG6500UL, NP-CG6500WL, NP-CB4500UL, NP-CB4500WL, NP-P525ULH, NP-P525WLH, NP-P605ULH, NP-P554U, NP-P554UG, NP-P554U+, NP-P554W, NP-P554WG, NP-P554W+, NP-P474U, NP-P474UG, NP-P474W, NP-P474WG, NP-P604XG, NP-P604X+, NP-P603XG, NP-P523X+, NP-PE523XG, NP-PE523X+, NP-CF6600U, NP-CF6600W, NP-CF6700X, NP-CF6500X, NP-CB4600U, NP-P554UH, NP-P554WH, NP-P474UH, NP-P474WH, NP-P604XH, NP-P603XH, NP-PE523XH, NP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG NP-PA653UL, NP-PA653ULG, NP-PA653UL+, NP-PA803UL, NP-PA803ULG, NP-PA803UL+, NP-PA703UL, NP-PA703ULG, NP-PA703UL+, NP-PA733UL+, NP-PA803U, NP-PA803UG, NP-PA803U+, NP-PA723UG, NP-PA653U, NP-PA653UG, NP-PA653U+, NP-PA853W, NP-PA853WG, NP-PA853W+, NP-PA703WG, NP-PA903X, NP-PA903XG, NP-PA903X+, NP-PA753W+, NP-PA653W+, NP-PA803X+, NP-PA703X+, NP-PA803UH, NP-PA723UH, NP-PA653UH, NP-PA853WH, NP-PA703WH, NP-PA903XH, NP-ME401W, NP-ME361W, NP-ME331W, NP-ME301W, NP-ME401X, NP-ME361X, NP-ME331X, NP-ME301X, NP-ME401WG, NP-ME361WG, NP-ME331WG, NP-ME301WG, NP-ME401XG, NP-ME361XG, NP-ME331XG, NP-ME301XG NP-PX1004UL-WH, NP-PX1004UL-WH+, NP-PX1004UL-BK, NP-PX1004UL-BK+, NP-CA4155W, NP-CA4350X, NP-CA4255X, NP-CA4155X, NP-CA4115X, NP-MC331WG, NP-MC421XG, NP-MC401XG, NP-MC371XG, NP-MC331XG, NP-MC301XG, NP-CK4155W, NP-CK4255X, NP-CK4155X, NP-CK4055X, NP-CM4150X, NP-CM4050X, NP-CK4155WG, NP-CK4255XG, NP-CK4155XG, NP-CR2165W, NP-CR2305X, NP-CR2275X, NP-CR2165X, NP-CR2155X, NP-CD2115X, NP-CD2105X, NP-CM4151X, NP-CR2276X, NP-CD2116X, NP-PA551U+, NP-PA601W+, NP-PA651X+, NP-PX803UL-WH, NP-PX803UL-BK, NP-PX803UL-WH+, NP-PX803UL-BK+, NP-P502H, NP-P502W, NP-P452H",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "NP-P452W, NP-P502HG, NP-P502WG, NP-P452HG, NP-P452WG, NP-P502H+, NP-P502W+, NP-CR5450H, NP-CR5450W, NP-M363W, NP-M323W, NP-M403X, NP-M363X, NP-M323X, NP-M283X, NP-M403WG, NP-M363WG, NP-M323WG, NP-M403XG, NP-M363XG, NP-M323XG, NP-M283XG, NP-M403W+, NP-M363W+, NP-M323W+, NP-M403X+, NP-M363X+, NP-M323X+, NP-M283X+, NP-M403H, NP-M403HG, NP-M323HG, NP-M403H+, NP-M323H+, NP-MC370X+, NP-MC330X+, NP-MC300X+, NP-MC330W+, NP-MC350XS+, NP-MC320XS+, NP-MC280XS+, NP-MC320WS+, NP-CD2100X, NP-CD2110X, NP-CR2150X, NP-CR2160X, NP-CR2270X, NP-M353WS, NP-M333XS, NP-M353WSG, NP-M303WSG, NP-M333XSG, NP-M353WS+, NP-M303WS+, NP-M333XS+, NP-M353HS+, NP-M323HS+, NP-M303HS+, NP-PH1202HL, NP-PH1202HL+, NP-PH1002HL+, NP-PX602UL-WH, NP-PX602UL-BK, NP-PX602WL-WH, NP-PX602WL-BK, NP-PX602UL-WH+, NP-PX602UL-BK+, NP-PX602WL-WH+, NP-PX602WL-BK+, NP-P502HL, NP-P502WL, NP-P502HLG, NP-P502WLG, NP-P502HL+, NP-P502WL+, , NP-CR5450HL, NP-CR5450WL, NP-UM352W, NP-UM352WG, NP-UM352W+, NP-UM361X, NP-UM351W, NP-UM301XG, NP-UM361XG, NP-UM301WG, NP-UM351WG, NP-UM301X+, NP-UM361X+, NP-UM301W+, NP-UM351W+, NP-M322W, NP-M402X, NP-M322XG, NP-M282X, NP-M402WG, NP-M362WG, NP-M322WG, NP-M402XG, NP-M362XG, NP-M322XG, NP-M282XG, NP-M402W+, NP-M362W+, NP-M322W+, NP-M402X+, NP-M362X+, NP-M322X+, NP-M282X+, NP-M402H, NP-M402HG, NP-M402H+, NP-M322H+, NP-M352WS, NP-M332XS, NP-M352WSG, NP-M302WSG, NP-M332XSG, NP-M352WS+, NP-M302WS+, NP-M332XS+, NP-PA721X, NP-PA621X, NP-PA571W, NP-PA671W, NP-PA621U, NP-PA521U, NP-PA721XG, NP-PA621XG, NP-PA571WG, NP-PA671WG, NP-PA621UG, NP-521UG, NP-PA721X+, NP-PA621X+, NP-PA571W+, NP-PA671W+, NP-PA621U+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "NP-PA521U+, NP-PA722X, NP-PA622X, NP-PA572W, NP-PA672W, NP-PA622U, NP-PA522U, NP-PA722XG, NP-PA622XG, NP-PA572WG, NP-PA672WG, NP-PA622UG, NP-522UG, NP-PA722X+, NP-PA622X+, NP-PA572W+, NP-PA672W+, NP-PA622U+, NP-PA522U+, NP-PH1400U, NP-PH1400U+, NP-P501X, NP-P451X, NP-P451W, NP-P401W, NP-P501XG, NP-P451XG, NP-P451WG, NP-P401WG, NP-PE501XG, NP-P501X+, NP-P451X+, NP-P451W+, NP-P401W+, NP-PE501X+, NP-M271X, NP-M311X, NP-M311W, NP-M271XG, NP-M311XG, NP-M361XG, NP-M271WG, NP-M311WG, NP-M271W+, NP-M311W+, NP-UM330X, NP-UM330W, NP-UM280XG, NP-UM330XG, NP-UM280WG, NP-UM330WG, NP-UM280X+, NP-UM330X+, NP-UM280W+, NP-UM330W+, NP-PH100U, NP-PH1000U+, NP-PX750U, NP-PX700W, NP-PX800X, NP-PX750UG, NP-PX700WG, NP-PX800XG, NP-PX750U+, NP-PX700W+, NP-PX800X+, NP-PX750U2, NP-PX700W2, NP-PX800X2, NP-PX750UG2, NP-PX700WG2, NP-PX800XG2, NP-PA600X, NP-PA500X, NP-PA550W, NP-PA500U, NP-PA600XG, NP-PA500XG, NP-PA550WG, NP-PA500UG, NP-PA600X+, NP-PA500X+, NP-PA550W+, NP-PA500U+ NP-M280XS+, NP-M320XS+, NP-M350XS+, NP-M350XSG, NP-M300XS+, NP-M300XSG, NP-M300XS, NP-M300WS+, NP-M300WSG, NP-M300WS, NP-M260WS+, NP-M260WSG, NP-M260XS+, NP-M260XSG, NP-P420X+, NP-P420XG, NP-P420X, NP-P350X+, NP-P350XG, NP-P350X, NP-P350WA, NP-P350WG, NP-P350W, NP-M350X, NP-M300X, NP-M260X, NP-M230X, NP-M300W, NP-M260W, NP-M350XG, NP-M300XG, NP-M260XG, NP-M230XG, NP-M300WG, NP-M260WG, NP-M350X+, NP-M300X+, NP-M260X+, NP-M230X+, NP-M300W+, NP-M260W+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sebastian Pahl of University Luxembourg"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sharp Display Solutions projectors allows a attacker may improperly access the HTTP server and execute arbitrary actions."
}
],
"value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sharp Display Solutions projectors allows a attacker may improperly access the HTTP server and execute arbitrary actions."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T05:18:58.492Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://sharp-displays.jp.sharp/global/support/info/PJ-CVE-2025-11545.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-11545",
"datePublished": "2025-12-22T05:18:58.492Z",
"dateReserved": "2025-10-09T06:46:44.715Z",
"dateUpdated": "2025-12-22T14:32:57.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11544 (GCVE-0-2025-11544)
Vulnerability from cvelistv5 – Published: 2025-12-22 05:14 – Updated: 2025-12-22 14:33
VLAI
Summary
Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized firmware.
Severity
CWE
- CWE-912 - Hidden Functionality
Assigner
References
1 reference
Impacted products
2 products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11544",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T14:33:23.902825Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T14:33:29.314Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NP-P627UL, NP-P627ULG, NP-P627UL+, NP-P547UL, NP-P547ULG, NP-P607UL+, NP-CG6600UL, NP-H6271UL, NP-H5471UL, NP-P627ULH, NP-P547ULH, NP-PE455UL, NP-PE455ULG, NP-PE455WL, NP-PE455WLG, NP-PE505XLG, NP-CG6500XL, NP-CG6400UL, NP-CG6400WL, NP-CB4500XL, NP-CA4120X, NP-CA4160W, NP-CA4160X, NP-CA4200U, NP-CA4200W, NP-CA4202W, NP-CA4260X, NP-CA4300X, NP-CA4355X, NP-CD2100U, NP-CD2120X, NP-CD2300X, NP-CR2100X, NP-CR2170W, NP-CR2170X, NP-CR2200U, NP-CR2200W, NP-CR2280X, NP-CR2310X, NP-CR2350X, NP-MC302XG, NP-MC332WG, NP-MC342XG, NP-MC372X, NP-MC372XG, NP-MC382W, NP-MC382WG, NP-MC422XG, NP-ME342UG, NP-ME372W, NP-ME372WG, NP-ME382U, NP-ME382UG, NP-ME402X, NP-ME402XG, NP-P525UL, NP-P525ULG, NP-P525UL+, NP-P525WL, NP-P525WLG, NP-P525WL+, NP-P605UL, NP-P605ULG, NP-P605UL+, NP-CG6500UL, NP-CG6500WL, NP-CB4500UL, NP-CB4500WL, NP-P525ULH, NP-P525WLH, NP-P605ULH, NP-P554U, NP-P554UG, NP-P554U+, NP-P554W, NP-P554WG, NP-P554W+, NP-P474U, NP-P474UG, NP-P474W, NP-P474WG, NP-P604XG, NP-P604X+, NP-P603XG, NP-P523X+, NP-PE523XG, NP-PE523X+, NP-CF6600U, NP-CF6600W, NP-CF6700X, NP-CF6500X, NP-CB4600U, NP-P554UH, NP-P554WH, NP-P474UH, NP-P474WH, NP-P604XH, NP-P603XH, NP-PE523XH, NP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG ,NP-ME401W, NP-ME361W, NP-ME331W, NP-ME301W, NP-ME401X, NP-ME361X, NP-ME331X, NP-ME301X, NP-ME401WG, NP-ME361WG, NP-ME331WG, NP-ME301WG, NP-ME401XG, NP-ME361XG, NP-ME331XG, NP-ME301XG, NP-CA4155W, NP-CA4350X, NP-CA4255X, NP-CA4155X, NP-CA4115X, NP-MC331WG, NP-MC421XG, NP-MC401XG, NP-MC371XG, NP-MC331XG, NP-MC301XG, NP-CK4155W, NP-CK4255X, NP-CK4155X, NP-CK4055X, NP-CM4150X, NP-CM4050X, NP-CK4155WG, NP-CK4255XG, NP-CK4155XG, NP-CR2165W, NP-CR2305X, NP-CR2275X, NP-CR2165X, NP-CR2155X, NP-CD2115X, NP-CD2105X, NP-CM4151X, NP-CR2276X, NP-CD2116X, NP-P502H, NP-P502W, NP-P452H, NP-P452W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "NP-P502HG, NP-P502WG, NP-P452HG, NP-P452WG, NP-P502H+, NP-P502W+, NP-CR5450H, NP-CR5450W NP-M363W, NP-M323W, NP-M403X, NP-M363X, NP-M323X, NP-M283X, NP-M403WG, NP-M363WG, NP-M323WG, NP-M403XG, NP-M363XG, NP-M323XG, NP-M283XG, NP-M403W+, NP-M363W+, NP-M323W+, NP-M403X+, NP-M363X+, NP-M323X+, NP-M283X+, NP-M403H, NP-M403HG, NP-M323HG, NP-M403H+, NP-M323H+ NP-MC370X+, NP-MC330X+, NP-MC300X+, NP-MC330W+, NP-MC350XS+, NP-MC320XS+, NP-MC280XS+, NP-MC320WS+, NP-CD2100X, NP-CD2110X, NP-CR2150X, NP-CR2160X, NP-CR2270X, NP-M353WS, NP-M333XS, NP-M353WSG, NP-M303WSG, NP-M333XSG, NP-M353WS+, NP-M303WS+, NP-M333XS+, NP-M353HS+, NP-M323HS+, NP-M303HS+ NP-P502HL, NP-P502WL, NP-P502HLG, NP-P502WLG, NP-P502HL+, NP-P502WL+, , NP-CR5450HL, NP-CR5450WL, NP-UM352W, NP-UM352WG, NP-UM352W+, NP-UM361X, NP-UM351W, NP-UM301XG, NP-UM361XG, NP-UM301WG, NP-UM351WG, NP-UM301X+, NP-UM361X+, NP-UM301W+, NP-UM351W+ NP-P501X, NP-P451X, NP-P451W, NP-P401W, NP-P501XG, NP-P451XG, NP-P451WG, NP-P401WG, NP-PE501XG, NP-P501X+, NP-P451X+, NP-P451W+, NP-P401W+, NP-PE501X+ NP-M271X, NP-M311X, NP-M311W, NP-M271XG, NP-M311XG, NP-M361XG, NP-M271WG, NP-M311WG, NP-M271W+, NP-M311W+ NP-UM330X, NP-UM330W, NP-UM280XG, NP-UM330XG, NP-UM280WG, NP-UM330WG, NP-UM280X+, NP-UM330X+, NP-UM280W+, NP-UM330W+, NP-M280XS+, NP-M320XS+, NP-M350XS+, NP-M350XSG, NP-M300XS+, NP-M300XSG, NP-M300XS, NP-M300WS+, NP-M300WSG, NP-M300WS, NP-M260WS+, NP-M260WSG, NP-M260XS+, NP-M260XSG, NP-P420X+, NP-P420XG, NP-P420X, NP-P350X+, NP-P350XG, NP-P350X, NP-P350WA, NP-P350WG, NP-P350W NP-M350X, NP-M300X, NP-M260X, NP-M230X, NP-M300W, NP-M260W, NP-M350XG, NP-M300XG, NP-M260XG, NP-M230XG, NP-M300WG, NP-M260WG, NP-M350X+, NP-M300X+, NP-M260X+, NP-M230X+, NP-M300W+, NP-M260W+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sebastian Pahl of University Luxembourg"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized firmware."
}
],
"value": "Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized firmware."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-912",
"description": "CWE-912: Hidden Functionality",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T05:14:29.088Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://sharp-displays.jp.sharp/global/support/info/PJ-CVE-2025-11544.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-11544",
"datePublished": "2025-12-22T05:14:29.088Z",
"dateReserved": "2025-10-09T06:46:43.385Z",
"dateUpdated": "2025-12-22T14:33:29.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11543 (GCVE-0-2025-11543)
Vulnerability from cvelistv5 – Published: 2025-12-22 05:09 – Updated: 2025-12-22 14:33 Unsupported When Assigned
VLAI
Summary
Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized firmware.
Severity
CWE
- CWE-354 - Improper Validation of Integrity Check Value
Assigner
References
1 reference
Impacted products
1 product
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11543",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T14:33:50.755374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T14:33:56.512Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG, NP-P502H, NP-P502W, NP-P452H, NP-P452W, NP-P502HG, NP-P502WG, NP-P452HG, NP-P452WG, NP-P502H+, NP-P502W+, NP-CR5450H, NP-CR5450W, NP-P502HL, NP-P502WL, NP-P502HLG, NP-P502WLG, NP-P502HL+, NP-P502WL+, NP-CR5450HL, NP-CR5450WL, NP-UM352W, NP-UM352WG, NP-UM352W+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sebastian Pahl of University Luxembourg"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized firmware."
}
],
"value": "Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized firmware."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T05:09:48.892Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://sharp-displays.jp.sharp/global/support/info/PJ-CVE-2025-11540.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-11543",
"datePublished": "2025-12-22T05:09:48.892Z",
"dateReserved": "2025-10-09T06:46:42.281Z",
"dateUpdated": "2025-12-22T14:33:56.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11542 (GCVE-0-2025-11542)
Vulnerability from cvelistv5 – Published: 2025-12-22 05:09 – Updated: 2025-12-22 14:34 Unsupported When Assigned
VLAI
Summary
Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs.
Severity
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11542",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T14:34:20.233756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T14:34:26.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG, NP-P502H, NP-P502W, NP-P452H, NP-P452W, NP-P502HG, NP-P502WG, NP-P452HG, NP-P452WG, NP-P502H+, NP-P502W+, NP-CR5450H, NP-CR5450W, NP-P502HL, NP-P502WL, NP-P502HLG, NP-P502WLG, NP-P502HL+, NP-P502WL+, NP-CR5450HL, NP-CR5450WL, NP-UM352W, NP-UM352WG, NP-UM352W+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sebastian Pahl of University Luxembourg"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs."
}
],
"value": "Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T05:09:24.937Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://sharp-displays.jp.sharp/global/support/info/PJ-CVE-2025-11540.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-11542",
"datePublished": "2025-12-22T05:09:24.937Z",
"dateReserved": "2025-10-09T06:46:41.162Z",
"dateUpdated": "2025-12-22T14:34:26.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11541 (GCVE-0-2025-11541)
Vulnerability from cvelistv5 – Published: 2025-12-22 05:09 – Updated: 2025-12-22 14:39 Unsupported When Assigned
VLAI
Summary
Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs.
Severity
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11541",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T14:39:35.498980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T14:39:44.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG, NP-P502H, NP-P502W, NP-P452H, NP-P452W, NP-P502HG, NP-P502WG, NP-P452HG, NP-P452WG, NP-P502H+, NP-P502W+, NP-CR5450H, NP-CR5450W, NP-P502HL, NP-P502WL, NP-P502HLG, NP-P502WLG, NP-P502HL+, NP-P502WL+, NP-CR5450HL, NP-CR5450WL, NP-UM352W, NP-UM352WG, NP-UM352W+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sebastian Pahl of University Luxembourg"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs."
}
],
"value": "Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T05:09:03.519Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://sharp-displays.jp.sharp/global/support/info/PJ-CVE-2025-11540.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-11541",
"datePublished": "2025-12-22T05:09:03.519Z",
"dateReserved": "2025-10-09T06:46:40.059Z",
"dateUpdated": "2025-12-22T14:39:44.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11540 (GCVE-0-2025-11540)
Vulnerability from cvelistv5 – Published: 2025-12-22 05:07 – Updated: 2025-12-22 17:06 Unsupported When Assigned
VLAI
Summary
Path Traversal vulnerability in Sharp Display Solutions projectors allows a attacker may access and read any files within the projector.
Severity
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
Impacted products
1 product
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T17:06:19.908109Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T17:06:40.735Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG, NP-P502H, NP-P502W, NP-P452H, NP-P452W, NP-P502HG, NP-P502WG, NP-P452HG, NP-P452WG, NP-P502H+, NP-P502W+, NP-CR5450H, NP-CR5450W, NP-P502HL, NP-P502WL, NP-P502HLG, NP-P502WLG, NP-P502HL+, NP-P502WL+, NP-CR5450HL, NP-CR5450WL, NP-UM352W, NP-UM352WG, NP-UM352W+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sebastian Pahl of University Luxembourg"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal vulnerability in Sharp Display Solutions projectors allows a attacker may access and read any files within the projector."
}
],
"value": "Path Traversal vulnerability in Sharp Display Solutions projectors allows a attacker may access and read any files within the projector."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T05:07:30.369Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://sharp-displays.jp.sharp/global/support/info/PJ-CVE-2025-11540.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-11540",
"datePublished": "2025-12-22T05:07:30.369Z",
"dateReserved": "2025-10-09T06:46:38.729Z",
"dateUpdated": "2025-12-22T17:06:40.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12049 (GCVE-0-2025-12049)
Vulnerability from cvelistv5 – Published: 2025-12-22 05:05 – Updated: 2025-12-22 17:07 Unsupported When Assigned
VLAI
Summary
Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the authoring software to the affected product without authentication.
Severity
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sharp Display Solutions, Ltd. | Media Player MP-01 |
Affected:
All versions
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12049",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T17:07:00.976136Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T17:07:30.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Media Player MP-01",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Souvik Kandar of MicroSec (microsec.io)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the authoring software to the affected product without authentication."
}
],
"value": "Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the authoring software to the affected product without authentication."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T05:05:25.588Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://sharp-displays.jp.sharp/global/support/info/MP01-CVE-2025-12049.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-12049",
"datePublished": "2025-12-22T05:05:25.588Z",
"dateReserved": "2025-10-22T00:22:02.916Z",
"dateUpdated": "2025-12-22T17:07:30.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12852 (GCVE-0-2025-12852)
Vulnerability from cvelistv5 – Published: 2025-11-19 01:01 – Updated: 2025-11-19 17:13
VLAI
Summary
DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device.
Severity
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | RakurakuMusen Start EX |
Affected:
All versions
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12852",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T17:13:04.376581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T17:13:10.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RakurakuMusen Start EX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Kohei Kuroda"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user\u0027s device."
}
],
"value": "DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user\u0027s device."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427: Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T01:01:46.374Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv25-007_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-12852",
"datePublished": "2025-11-19T01:01:46.374Z",
"dateReserved": "2025-11-07T04:30:21.085Z",
"dateUpdated": "2025-11-19T17:13:10.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11546 (GCVE-0-2025-11546)
Vulnerability from cvelistv5 – Published: 2025-11-07 01:09 – Updated: 2025-11-07 18:29
VLAI
Summary
CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an attacker sends specially crafted network packets to the product, arbitrary OS commands may be executed without authentication.
Severity
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | CLUSTERPRO X for Linux (EXPRESSCLUSTER X for Linux) |
Affected:
4.0, 4.1, 4.2, 5.0, 5.1 and 5.2
|
|
| NEC Corporation | CLUSTERPRO X SingleServerSafe for Linux (EXPRESSCLUSTER X SingleServerSafe for Linux) |
Affected:
4.0, 4.1, 4.2, 5.0, 5.1 and 5.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11546",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-07T18:29:04.715150Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-07T18:29:57.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CLUSTERPRO X for Linux (EXPRESSCLUSTER X for Linux)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "4.0, 4.1, 4.2, 5.0, 5.1 and 5.2"
}
]
},
{
"product": "CLUSTERPRO X SingleServerSafe for Linux (EXPRESSCLUSTER X SingleServerSafe for Linux)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "4.0, 4.1, 4.2, 5.0, 5.1 and 5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an attacker sends specially crafted network packets to the product, arbitrary OS commands may be executed without authentication."
}
],
"value": "CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an attacker sends specially crafted network packets to the product, arbitrary OS commands may be executed without authentication."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-07T04:04:50.054Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv25-006_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-11546",
"datePublished": "2025-11-07T01:09:08.662Z",
"dateReserved": "2025-10-09T06:48:19.068Z",
"dateUpdated": "2025-11-07T18:29:57.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8153 (GCVE-0-2025-8153)
Vulnerability from cvelistv5 – Published: 2025-09-17 02:10 – Updated: 2025-09-17 13:45
VLAI
Summary
Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser.
Severity
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | UNIVERGE IX |
Affected:
from Ver.9.5 to Ver.10.7
|
|
| NEC Corporation | UNIVERGE IX |
Affected:
from Ver.10.8.21 to Ver.10.8.36
|
|
| NEC Corporation | UNIVERGE IX |
Affected:
from Ver.10.9.11 to Ver.10.9.24
|
|
| NEC Corporation | UNIVERGE IX |
Affected:
from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6
|
|
| NEC Corporation | UNIVERGE IX-R/IX-V |
Affected:
Ver1.3.16, Ver1.3.21
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T13:44:45.472287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:45:14.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "from Ver.9.5 to Ver.10.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "from Ver.10.8.21 to Ver.10.8.36"
}
]
},
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "from Ver.10.9.11 to Ver.10.9.24"
}
]
},
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX-R/IX-V",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.3.16, Ver1.3.21"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "RyotaK of GMO Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user\u0027s browser."
}
],
"value": "Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user\u0027s browser."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T02:10:50.272Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv25-005_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-8153",
"datePublished": "2025-09-17T02:10:09.645Z",
"dateReserved": "2025-07-25T01:38:55.766Z",
"dateUpdated": "2025-09-17T13:45:14.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6466 (GCVE-0-2024-6466)
Vulnerability from cvelistv5 – Published: 2025-01-21 10:03 – Updated: 2025-01-21 19:43
VLAI
Summary
NEC Corporation's WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified.
Severity
5.3 (Medium)
CWE
- CWE-1021 - Improper Restriction of Rendered UI Layers or Frames
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WebSAM DeploymentManager |
Affected:
from v6.0 to v6.80
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-6466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T19:20:47.843701Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T19:43:54.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WebSAM DeploymentManager",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "from v6.0 to v6.80"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NEC Corporation\u0027s WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified."
}
],
"value": "NEC Corporation\u0027s WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1021",
"description": "CWE-1021: Improper Restriction of Rendered UI Layers or Frames",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T10:03:24.544Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv15-019_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-6466",
"datePublished": "2025-01-21T10:03:24.544Z",
"dateReserved": "2024-07-03T00:18:49.513Z",
"dateUpdated": "2025-01-21T19:43:54.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0356 (GCVE-0-2025-0356)
Vulnerability from cvelistv5 – Published: 2025-01-15 07:24 – Updated: 2025-04-03 15:36
VLAI
Summary
NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network.
Severity
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WX1500HP |
Affected:
Ver.1.4.2 and earlier
|
|
| NEC Corporation | WX3600HP |
Affected:
Ver.1.5.3 and earlier
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0356",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T15:36:52.964723Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T15:36:59.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WX1500HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WX3600HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.5.3 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Kakeru Kajihara of NTT Security Holdings."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network."
}
],
"value": "NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-17T10:02:45.212Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-0356",
"datePublished": "2025-01-15T07:24:25.831Z",
"dateReserved": "2025-01-09T06:20:51.166Z",
"dateUpdated": "2025-04-03T15:36:59.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0355 (GCVE-0-2025-0355)
Vulnerability from cvelistv5 – Published: 2025-01-15 07:23 – Updated: 2025-01-21 03:34
VLAI
Summary
Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to get a Wi-Fi password via the network.
Severity
7.5 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WG2600HS |
Affected:
Ver.1.7.2 and earlier
|
|
| NEC Corporation | WF1200CR |
Affected:
Ver.1.6.0 and earlier
|
|
| NEC Corporation | WG1200CR |
Affected:
Ver.1.5.0 and earlier
|
|
| NEC Corporation | GB1200PE |
Affected:
Ver.1.3.0 and earlier
|
|
| NEC Corporation | WG2600HP4 |
Affected:
Ver.1.4.2 and earlier
|
|
| NEC Corporation | WG2600HM4 |
Affected:
Ver.1.4.2 and earlier
|
|
| NEC Corporation | WG2600HS2 |
Affected:
Ver.1.3.2 and earlier
|
|
| NEC Corporation | WX3000HP |
Affected:
Ver.2.4.2 and earlier
|
|
| NEC Corporation | WX4200D5 |
Affected:
Ver.1.2.4 and earlier
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:01:29.278695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:01:48.659Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WG2600HS",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.7.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200CR",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.6.0 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200CR",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.5.0 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "GB1200PE",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.3.0 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2600HP4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2600HM4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2600HS2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.3.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WX3000HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.2.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WX4200D5",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.2.4 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to get a Wi-Fi password via the network."
}
],
"value": "Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to get a Wi-Fi password via the network."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T03:34:13.440Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-0355",
"datePublished": "2025-01-15T07:23:39.481Z",
"dateReserved": "2025-01-09T06:20:49.647Z",
"dateUpdated": "2025-01-21T03:34:13.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0354 (GCVE-0-2025-0354)
Vulnerability from cvelistv5 – Published: 2025-01-15 07:21 – Updated: 2025-04-03 15:38
VLAI
Summary
Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to inject an arbitrary script via the network.
Severity
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WG2600HS |
Affected:
Ver.1.7.2 and earlier
|
|
| NEC Corporation | WG2600HP4 |
Affected:
Ver.1.4.2 and earlier
|
|
| NEC Corporation | WG2600HM4 |
Affected:
Ver.1.4.2 and earlier
|
|
| NEC Corporation | WG2600HS2 |
Affected:
Ver.1.3.2 and earlier
|
|
| NEC Corporation | WX3000HP |
Affected:
Ver.2.4.2 and earlier
|
|
| NEC Corporation | WX4200D5 |
Affected:
Ver.1.2.4 and earlier
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T15:37:52.480740Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T15:38:02.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WG2600HS",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.7.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2600HP4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2600HM4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2600HS2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.3.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WX3000HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.2.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WX4200D5",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.2.4 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to inject an arbitrary script via the network."
}
],
"value": "Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to inject an arbitrary script via the network."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-17T10:02:08.927Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-0354",
"datePublished": "2025-01-15T07:21:41.810Z",
"dateReserved": "2025-01-09T06:20:47.803Z",
"dateUpdated": "2025-04-03T15:38:02.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11014 (GCVE-0-2024-11014)
Vulnerability from cvelistv5 – Published: 2024-11-29 08:06 – Updated: 2025-07-24 14:37
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27 and for Ver10.9 up to Ver10.9.14 allows a attacker to hijack the authentication of screens on the device via the management interface.
Severity
4.3 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | UNIVERGE IX |
Affected:
from Ver9.2 to Ver10.10.21
|
|
| NEC Corporation | UNIVERGE IX |
Affected:
for Ver10.8 up to Ver10.8.27
|
|
| NEC Corporation | UNIVERGE IX |
Affected:
for Ver10.9 up to Ver10.9.14
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11014",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T13:33:02.584725Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T14:37:20.170Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "from Ver9.2 to Ver10.10.21"
}
]
},
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "for Ver10.8 up to Ver10.8.27"
}
]
},
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "for Ver10.9 up to Ver10.9.14"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "RyotaK of Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27 and for Ver10.9 up to Ver10.9.14 allows a attacker to hijack the authentication of screens on the device via the management interface."
}
],
"value": "Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27 and for Ver10.9 up to Ver10.9.14 allows a attacker to hijack the authentication of screens on the device via the management interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T07:22:49.583Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv24-009_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-11014",
"datePublished": "2024-11-29T08:06:19.712Z",
"dateReserved": "2024-11-08T02:59:57.594Z",
"dateUpdated": "2025-07-24T14:37:20.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11013 (GCVE-0-2024-11013)
Vulnerability from cvelistv5 – Published: 2024-11-29 08:03 – Updated: 2025-07-24 14:40
VLAI
Summary
Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device via the management interface.
Severity
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | UNIVERGE IX |
Affected:
from Ver9.2 to Ver10.10.21
|
|
| NEC Corporation | UNIVERGE IX |
Affected:
for Ver10.8 up to Ver10.8.27
|
|
| NEC Corporation | UNIVERGE IX |
Affected:
for Ver10.9 up to Ver10.9.14
|
|
| NEC Corporation | UNIVERGE IX-R/IX-V |
Affected:
Ver1.2.15 and earlier
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nec:univerge_ix:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "univerge_ix",
"vendor": "nec",
"versions": [
{
"lessThanOrEqual": "10.10.21",
"status": "affected",
"version": "9.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.8.27",
"status": "affected",
"version": "10.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.9.14",
"status": "affected",
"version": "10.9",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T13:34:19.048337Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T14:40:37.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "from Ver9.2 to Ver10.10.21"
}
]
},
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "for Ver10.8 up to Ver10.8.27"
}
]
},
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "for Ver10.9 up to Ver10.9.14"
}
]
},
{
"defaultStatus": "unknown",
"product": "UNIVERGE IX-R/IX-V",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver1.2.15 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "RyotaK of Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device via the management interface."
}
],
"value": "Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device via the management interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T07:21:57.134Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv24-009_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-11013",
"datePublished": "2024-11-29T08:03:07.458Z",
"dateReserved": "2024-11-08T02:59:55.534Z",
"dateUpdated": "2025-07-24T14:40:37.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7011 (GCVE-0-2024-7011)
Vulnerability from cvelistv5 – Published: 2024-09-27 02:45 – Updated: 2025-12-08 15:51
VLAI
Summary
Sharp NEC Projectors (NP-CB4500UL, NP-CB4500WL, NP-CB4700UL, NP-P525UL, NP-P525UL+, NP-P525ULG, NP-P525ULJL, NP-P525WL, NP-P525WL+, NP-P525WLG, NP-P525WLJL, NP-CG6500UL, NP-CG6500WL, NP-CG6700UL, NP-P605UL, NP-P605UL+, NP-P605ULG, NP-P605ULJL, NP-CA4120X, NP-CA4160W, NP-CA4160X, NP-CA4200U, NP-CA4200W, NP-CA4202W, NP-CA4260X, NP-CA4300X, NP-CA4355X, NP-CD2100U, NP-CD2120X, NP-CD2300X, NP-CR2100X, NP-CR2170W, NP-CR2170X, NP-CR2200U, NP-CR2200W, NP-CR2280X, NP-CR2310X, NP-CR2350X, NP-MC302XG, NP-MC332WG, NP-MC332WJL, NP-MC342XG, NP-MC372X, NP-MC372XG, NP-MC382W, NP-MC382WG, NP-MC422XG, NP-ME342UG, NP-ME372W, NP-ME372WG, NP-ME372WJL, NP-ME382U, NP-ME382UG, NP-ME382UJL, NP-ME402X, NP-ME402XG, NP-ME402XJL, NP-CB4500XL, NP-CG6400UL, NP-CG6400WL, NP-CG6500XL, NP-PE455UL, NP-PE455ULG, NP-PE455WL, NP-PE455WLG, NP-PE505XLG, NP-CB4600U, NP-CF6600U, NP-P474U, NP-P554U, NP-P554U+, NP-P554UG, NP-P554UJL, NP-CG6600UL, NP-P547UL, NP-P547ULG, NP-P547ULJL, NP-P607UL+, NP-P627UL, NP-P627UL+, NP-P627ULG, NP-P627ULJL, NP-PV710UL-B, NP-PV710UL-B1, NP-PV710UL-W, NP-PV710UL-W+, NP-PV710UL-W1, NP-PV730UL-BJL, NP-PV730UL-WJL, NP-PV800UL-B, NP-PV800UL-B+, NP-PV800UL-B1, NP-PV800UL-BJL, NP-PV800UL-W, NP-PV800UL-W+, NP-PV800UL-W1, NP-PV800UL-WJL, NP-CA4200X, NP-CA4265X, NP-CA4300U, NP-CA4300W, NP-CA4305X, NP-CA4400X, NP-CD2125X, NP-CD2200W, NP-CD2300U, NP-CD2310X, NP-CR2105X, NP-CR2200X, NP-CR2205W, NP-CR2300U, NP-CR2300W, NP-CR2315X, NP-CR2400X, NP-MC333XG, NP-MC363XG, NP-MC393WJL, NP-MC423W, NP-MC423WG, NP-MC453X, NP-MC453X, NP-MC453XG, NP-MC453XJL, NP-ME383WG, NP-ME403U, NP-ME403UG, NP-ME403UJL, NP-ME423W, NP-ME423WG, NP-ME423WJL, NP-ME453X, NP-ME453XG, NP-CB4400USL, NP-CB4400WSL, NP-CB4510UL, NP-CB4510WL, NP-CB4510XL, NP-CB4550USL, NP-CB6700UL, NP-CG6510UL, NP-PE456USL, NP-PE456USLG, NP-PE456USLJL, NP-PE456WSLG, NP-PE506UL, NP-PE506ULG, NP-PE506ULJL, NP-PE506WL, NP-PE506WLG, NP-PE506WLJL) allows an attacker to cause a denial-of-service (DoS) condition via SNMP service.
Severity
6.5 (Medium)
CWE
- CWE-1242 - Inclusion of Undocumented Features or Chicken Bits
Assigner
References
1 reference
Impacted products
150 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sharp Display Solutions, Ltd. | NP-CB4500UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4500WL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4700UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P525UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P525UL+ |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P525ULG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P525ULJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P525WL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P525WL+ |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P525WLG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P525WLJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CG6500UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CG6500WL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CG6700UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P605UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P605UL+ |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P605ULG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P605ULJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4120X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4160W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4160X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4200U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4200W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4202W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4260X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4300X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4355X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CD2100U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CD2120X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CD2300X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2100X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2170W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2170X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2200U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2200W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2280X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2310X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2350X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC302XG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC332WG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC332WJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC342XG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC372X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC372XG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC382W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC382WG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC422XG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME342UG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME372W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME372WG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME372WJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME382U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME382UG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME382UJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME402X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME402XG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME402XJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4500XL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CG6400UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CG6400WL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CG6500XL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE455UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE455ULG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE455WL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE455WLG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE505XLG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4600U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CF6600U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P474U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P554U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P554U+ |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P554UG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P554UJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CG6600UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P547UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P547ULG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P547ULJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P607UL+ |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P627UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P627UL+ |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P627ULG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-P627ULJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV710UL-B |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV710UL-B1 |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV710UL-W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV710UL-W+ |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV710UL-W1 |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV730UL-BJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV730UL-WJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV800UL-B |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV800UL-B+ |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV800UL-B1 |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV800UL-BJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV800UL-W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV800UL-W+ |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV800UL-W1 |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PV800UL-WJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4200X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4265X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4300U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4300W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4305X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CA4400X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CD2125X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CD2200W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CD2300U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CD2310X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2105X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2200X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2205W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2300U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2300W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2315X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CR2400X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC333XG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC363XG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC393WJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC423W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC423WG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC453X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC453X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC453XG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-MC453XJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME383WG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME403U |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME403UG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME403UJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME423W |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME423WG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME423WJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME453X |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-ME453XG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4400USL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4400WSL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4510UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4510WL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4510XL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB4550USL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CB6700UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-CG6510UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE456USL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE456USLG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE456USLJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE456WSLG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE506UL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE506ULG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE506ULJL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE506WL |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE506WLG |
Affected:
0 , < updated projector firmware
(custom)
|
|
| Sharp Display Solutions, Ltd. | NP-PE506WLJL |
Affected:
0 , < updated projector firmware
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-7011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T14:20:39.329947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T20:07:10.772Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NP-CB4500UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4500WL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4700UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P525UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P525UL+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P525ULG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P525ULJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P525WL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P525WL+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P525WLG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P525WLJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CG6500UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CG6500WL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CG6700UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P605UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P605UL+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P605ULG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P605ULJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4120X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4160W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4160X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4200U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4200W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4202W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4260X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4300X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4355X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CD2100U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CD2120X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CD2300X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2100X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2170W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2170X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2200U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2200W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2280X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2310X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2350X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC302XG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC332WG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC332WJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC342XG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC372X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC372XG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC382W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC382WG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC422XG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME342UG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME372W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME372WG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME372WJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME382U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME382UG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME382UJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME402X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME402XG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME402XJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4500XL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CG6400UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CG6400WL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CG6500XL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE455UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE455ULG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE455WL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE455WLG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE505XLG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4600U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CF6600U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P474U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P554U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P554U+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P554UG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P554UJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CG6600UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P547UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P547ULG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P547ULJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P607UL+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P627UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P627UL+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P627ULG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-P627ULJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV710UL-B",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV710UL-B1",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV710UL-W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV710UL-W+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV710UL-W1",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV730UL-BJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV730UL-WJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV800UL-B",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV800UL-B+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV800UL-B1",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV800UL-BJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV800UL-W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV800UL-W+",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV800UL-W1",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PV800UL-WJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4200X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4265X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4300U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4300W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4305X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CA4400X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CD2125X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CD2200W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CD2300U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CD2310X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2105X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2200X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2205W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2300U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2300W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2315X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CR2400X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC333XG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC363XG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC393WJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC423W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC423WG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC453X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC453X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC453XG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-MC453XJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME383WG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME403U",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME403UG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME403UJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME423W",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME423WG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME423WJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME453X",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-ME453XG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4400USL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4400WSL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4510UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4510WL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4510XL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB4550USL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CB6700UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-CG6510UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE456USL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE456USLG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE456USLJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE456WSLG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE506UL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE506ULG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE506ULJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE506WL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE506WLG",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "NP-PE506WLJL",
"vendor": "Sharp Display Solutions, Ltd.",
"versions": [
{
"lessThan": "updated projector firmware",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Southern Metropolitan Cemeteries Trust JP Hofmeyr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSharp NEC Projectors (NP-CB4500UL, NP-CB4500WL, NP-CB4700UL, NP-P525UL, NP-P525UL+, NP-P525ULG, NP-P525ULJL, NP-P525WL, NP-P525WL+, NP-P525WLG, NP-P525WLJL, NP-CG6500UL, NP-CG6500WL, NP-CG6700UL, NP-P605UL, NP-P605UL+, NP-P605ULG, NP-P605ULJL, NP-CA4120X, NP-CA4160W, NP-CA4160X, NP-CA4200U, NP-CA4200W, NP-CA4202W, NP-CA4260X, NP-CA4300X, NP-CA4355X, NP-CD2100U, NP-CD2120X, NP-CD2300X, NP-CR2100X, NP-CR2170W, NP-CR2170X, NP-CR2200U, NP-CR2200W, NP-CR2280X, NP-CR2310X, NP-CR2350X, NP-MC302XG, NP-MC332WG, NP-MC332WJL, NP-MC342XG, NP-MC372X, NP-MC372XG, NP-MC382W, NP-MC382WG, NP-MC422XG, NP-ME342UG, NP-ME372W, NP-ME372WG, NP-ME372WJL, NP-ME382U, NP-ME382UG, NP-ME382UJL, NP-ME402X, NP-ME402XG, NP-ME402XJL, NP-CB4500XL, NP-CG6400UL, NP-CG6400WL, NP-CG6500XL, NP-PE455UL, NP-PE455ULG, NP-PE455WL, NP-PE455WLG, NP-PE505XLG, NP-CB4600U, NP-CF6600U, NP-P474U, NP-P554U, NP-P554U+, NP-P554UG, NP-P554UJL, NP-CG6600UL, NP-P547UL, NP-P547ULG, NP-P547ULJL, NP-P607UL+, NP-P627UL, NP-P627UL+, NP-P627ULG, NP-P627ULJL, NP-PV710UL-B, NP-PV710UL-B1, NP-PV710UL-W, NP-PV710UL-W+, NP-PV710UL-W1, NP-PV730UL-BJL, NP-PV730UL-WJL, NP-PV800UL-B, NP-PV800UL-B+, NP-PV800UL-B1, NP-PV800UL-BJL, NP-PV800UL-W, NP-PV800UL-W+, NP-PV800UL-W1, NP-PV800UL-WJL, NP-CA4200X, NP-CA4265X, NP-CA4300U, NP-CA4300W, NP-CA4305X, NP-CA4400X, NP-CD2125X, NP-CD2200W, NP-CD2300U, NP-CD2310X, NP-CR2105X, NP-CR2200X, NP-CR2205W, NP-CR2300U, NP-CR2300W, NP-CR2315X, NP-CR2400X, NP-MC333XG, NP-MC363XG, NP-MC393WJL, NP-MC423W, NP-MC423WG, NP-MC453X, NP-MC453X, NP-MC453XG, NP-MC453XJL, NP-ME383WG, NP-ME403U, NP-ME403UG, NP-ME403UJL, NP-ME423W, NP-ME423WG, NP-ME423WJL, NP-ME453X, NP-ME453XG, NP-CB4400USL, NP-CB4400WSL, NP-CB4510UL, NP-CB4510WL, NP-CB4510XL, NP-CB4550USL, NP-CB6700UL, NP-CG6510UL, NP-PE456USL, NP-PE456USLG, NP-PE456USLJL, NP-PE456WSLG, NP-PE506UL, NP-PE506ULG, NP-PE506ULJL, NP-PE506WL, NP-PE506WLG, NP-PE506WLJL) allows an attacker to cause a denial-of-service (DoS) condition via SNMP service.\u003c/p\u003e"
}
],
"value": "Sharp NEC Projectors (NP-CB4500UL, NP-CB4500WL, NP-CB4700UL, NP-P525UL, NP-P525UL+, NP-P525ULG, NP-P525ULJL, NP-P525WL, NP-P525WL+, NP-P525WLG, NP-P525WLJL, NP-CG6500UL, NP-CG6500WL, NP-CG6700UL, NP-P605UL, NP-P605UL+, NP-P605ULG, NP-P605ULJL, NP-CA4120X, NP-CA4160W, NP-CA4160X, NP-CA4200U, NP-CA4200W, NP-CA4202W, NP-CA4260X, NP-CA4300X, NP-CA4355X, NP-CD2100U, NP-CD2120X, NP-CD2300X, NP-CR2100X, NP-CR2170W, NP-CR2170X, NP-CR2200U, NP-CR2200W, NP-CR2280X, NP-CR2310X, NP-CR2350X, NP-MC302XG, NP-MC332WG, NP-MC332WJL, NP-MC342XG, NP-MC372X, NP-MC372XG, NP-MC382W, NP-MC382WG, NP-MC422XG, NP-ME342UG, NP-ME372W, NP-ME372WG, NP-ME372WJL, NP-ME382U, NP-ME382UG, NP-ME382UJL, NP-ME402X, NP-ME402XG, NP-ME402XJL, NP-CB4500XL, NP-CG6400UL, NP-CG6400WL, NP-CG6500XL, NP-PE455UL, NP-PE455ULG, NP-PE455WL, NP-PE455WLG, NP-PE505XLG, NP-CB4600U, NP-CF6600U, NP-P474U, NP-P554U, NP-P554U+, NP-P554UG, NP-P554UJL, NP-CG6600UL, NP-P547UL, NP-P547ULG, NP-P547ULJL, NP-P607UL+, NP-P627UL, NP-P627UL+, NP-P627ULG, NP-P627ULJL, NP-PV710UL-B, NP-PV710UL-B1, NP-PV710UL-W, NP-PV710UL-W+, NP-PV710UL-W1, NP-PV730UL-BJL, NP-PV730UL-WJL, NP-PV800UL-B, NP-PV800UL-B+, NP-PV800UL-B1, NP-PV800UL-BJL, NP-PV800UL-W, NP-PV800UL-W+, NP-PV800UL-W1, NP-PV800UL-WJL, NP-CA4200X, NP-CA4265X, NP-CA4300U, NP-CA4300W, NP-CA4305X, NP-CA4400X, NP-CD2125X, NP-CD2200W, NP-CD2300U, NP-CD2310X, NP-CR2105X, NP-CR2200X, NP-CR2205W, NP-CR2300U, NP-CR2300W, NP-CR2315X, NP-CR2400X, NP-MC333XG, NP-MC363XG, NP-MC393WJL, NP-MC423W, NP-MC423WG, NP-MC453X, NP-MC453X, NP-MC453XG, NP-MC453XJL, NP-ME383WG, NP-ME403U, NP-ME403UG, NP-ME403UJL, NP-ME423W, NP-ME423WG, NP-ME423WJL, NP-ME453X, NP-ME453XG, NP-CB4400USL, NP-CB4400WSL, NP-CB4510UL, NP-CB4510WL, NP-CB4510XL, NP-CB4550USL, NP-CB6700UL, NP-CG6510UL, NP-PE456USL, NP-PE456USLG, NP-PE456USLJL, NP-PE456WSLG, NP-PE506UL, NP-PE506ULG, NP-PE506ULJL, NP-PE506WL, NP-PE506WLG, NP-PE506WLJL) allows an attacker to cause a denial-of-service (DoS) condition via SNMP service."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1242",
"description": "CWE-1242: Inclusion of Undocumented Features or Chicken Bits",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-08T15:51:26.863Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://sharp-displays.jp.sharp/global/support/info/Projector_vulnerability_202408.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-7011",
"datePublished": "2024-09-27T02:45:05.979Z",
"dateReserved": "2024-07-23T04:53:07.799Z",
"dateUpdated": "2025-12-08T15:51:26.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-3016 (GCVE-0-2024-3016)
Vulnerability from cvelistv5 – Published: 2024-05-09 06:32 – Updated: 2024-08-22 15:09
VLAI
Summary
NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.
Severity
9.1 (Critical)
CWE
- CWE-912 - Hidden Functionality
Assigner
References
1 reference
Impacted products
22 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Platforms, Ltd | ITK-6DGS-1(BK) TEL |
Affected:
v5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-32LCGS-1(BK) TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-32TCGS-1(BK) TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-6D-1(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-12D-1(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-8LCX-1(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-8TCGX-1(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-6DGS-1A(BK) TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-32LCGS-1A(BK) TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-32TCGS-1A(BK) TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-6DGS-1P(BK) TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-32LCGS-1P(BK) TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-32TCGS-1P(BK) TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-6D-1P(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-12D-1P(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-6DG-1P(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-12DG-1P(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-8LCX-1P(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-8LCG-1P(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-32LCG-1P(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-8TCGX-1P(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
|
| NEC Platforms, Ltd | ITK-32TCG-1P(BK)TEL |
Affected:
5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv24-002_en.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_6dgs_1\\/bk_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_6dgs_1\\/bk_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_32lcgs_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_32lcgs_1\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_32tcgs_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_32tcgs_1\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "v5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_6d_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_6d_1\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_12d_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_12d_1\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_8lcx_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_8lcx_1\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_8tcgx_1\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_8tcgx_1\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_6dgs_1a\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_6dgs_1a\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_32lcgs_1a\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_32lcgs_1a\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_32tcgs_1a\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_32tcgs_1a\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_6dgs_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_6dgs_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_32lcgs_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_32lcgs_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_32tcgs_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_32tcgs_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_6d_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_6d_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_12d_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_12d_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_6dg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_6dg_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_12dg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_12dg_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_8lcx_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_8lcx_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_8lcg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_8lcg_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_32lcg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_32lcg_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_8tcgx_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_8tcgx_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_platforms_ltd:itk_32tcg_1p\\/bk\\/_tel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "itk_32tcg_1p\\/bk\\/_tel",
"vendor": "nec_platforms_ltd",
"versions": [
{
"lessThanOrEqual": "5.3.4.4",
"status": "affected",
"version": "5.0.0.0",
"versionType": "custom"
},
{
"lessThan": "5.6.0.20",
"status": "affected",
"version": "5.4.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-3016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T19:37:17.784025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T15:09:05.064Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ITK-6DGS-1(BK) TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "v5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-32LCGS-1(BK) TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-32TCGS-1(BK) TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-6D-1(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-12D-1(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-8LCX-1(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-8TCGX-1(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-6DGS-1A(BK) TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-32LCGS-1A(BK) TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-32TCGS-1A(BK) TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-6DGS-1P(BK) TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-32LCGS-1P(BK) TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-32TCGS-1P(BK) TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-6D-1P(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-12D-1P(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-6DG-1P(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-12DG-1P(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-8LCX-1P(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-8LCG-1P(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-32LCG-1P(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-8TCGX-1P(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
},
{
"product": "ITK-32TCG-1P(BK)TEL",
"vendor": "NEC Platforms, Ltd",
"versions": [
{
"status": "affected",
"version": "5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Mr. Gianluca Altomani and Mr. Manuel Romei."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eNEC Platforms DT900 and DT900S Series 5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.\u003c/p\u003e"
}
],
"value": "NEC Platforms DT900 and DT900S Series 5.0.0.0 \u2013 v5.3.4.4, v5.4.0.0 \u2013 v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-912",
"description": "CWE-912: Hidden Functionality",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-09T08:06:30.885Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv24-002_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-3016",
"datePublished": "2024-05-09T06:32:39.145Z",
"dateReserved": "2024-03-27T15:15:52.175Z",
"dateUpdated": "2024-08-22T15:09:05.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28013 (GCVE-0-2024-28013)
Vulnerability from cvelistv5 – Published: 2024-03-28 00:57 – Updated: 2025-01-14 04:02
VLAI
Summary
Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet.
Severity
5.3 (Medium)
CWE
- CWE-330 - Use of Insufficiently Random Values
Assigner
References
1 reference
Impacted products
59 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WG1800HP4 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS3 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS2 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | W1200EX(-MS) |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP2 |
Affected:
all versions
|
|
| NEC Corporation | W300P |
Affected:
all versions
|
|
| NEC Corporation | WF800HP |
Affected:
all versions
|
|
| NEC Corporation | WR8165N |
Affected:
all versions
|
|
| NEC Corporation | WG2200HP |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP2 |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP |
Affected:
all versions
|
|
| NEC Corporation | WG600HP |
Affected:
all versions
|
|
| NEC Corporation | WG300HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP |
Affected:
all versions
|
|
| NEC Corporation | WG1400HP |
Affected:
all versions
|
|
| NEC Corporation | WR8175N |
Affected:
all versions
|
|
| NEC Corporation | WR9300N |
Affected:
all versions
|
|
| NEC Corporation | WR8750N |
Affected:
all versions
|
|
| NEC Corporation | WR8160N |
Affected:
all versions
|
|
| NEC Corporation | WR9500N |
Affected:
all versions
|
|
| NEC Corporation | WR8600N |
Affected:
all versions
|
|
| NEC Corporation | WR8370N |
Affected:
all versions
|
|
| NEC Corporation | WR8170N |
Affected:
all versions
|
|
| NEC Corporation | WR8700N |
Affected:
all versions
|
|
| NEC Corporation | WR8300N |
Affected:
all versions
|
|
| NEC Corporation | WR8150N |
Affected:
all versions
|
|
| NEC Corporation | WR4100N |
Affected:
all versions
|
|
| NEC Corporation | WR4500N |
Affected:
all versions
|
|
| NEC Corporation | WR8100N |
Affected:
all versions
|
|
| NEC Corporation | WR8500N |
Affected:
all versions
|
|
| NEC Corporation | CR2500P |
Affected:
all versions
|
|
| NEC Corporation | WR8400N |
Affected:
all versions
|
|
| NEC Corporation | WR8200N |
Affected:
all versions
|
|
| NEC Corporation | WR1200H |
Affected:
all versions
|
|
| NEC Corporation | WR7870S |
Affected:
all versions
|
|
| NEC Corporation | WR6670S |
Affected:
all versions
|
|
| NEC Corporation | WR7850S |
Affected:
all versions
|
|
| NEC Corporation | WR6650S |
Affected:
all versions
|
|
| NEC Corporation | WR6600H |
Affected:
all versions
|
|
| NEC Corporation | WR7800H |
Affected:
all versions
|
|
| NEC Corporation | WM3400RN |
Affected:
all versions
|
|
| NEC Corporation | WM3450RN |
Affected:
all versions
|
|
| NEC Corporation | WM3500R |
Affected:
all versions
|
|
| NEC Corporation | WM3600R |
Affected:
all versions
|
|
| NEC Corporation | WM3800R |
Affected:
all versions
|
|
| NEC Corporation | WR8166N |
Affected:
all versions
|
|
| NEC Corporation | MR01LN |
Affected:
all versions
|
|
| NEC Corporation | MR02LN |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(JE) |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(MF) |
Affected:
all versions
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T19:14:52.309865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:15:03.453Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:47.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WG1800HP4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W1200EX(-MS)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W300P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8165N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG600HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1400HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8175N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8750N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8160N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8600N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8370N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8170N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8700N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8150N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "CR2500P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8400N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8200N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR1200H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7870S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6670S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7850S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6650S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6600H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7800H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3400RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3450RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3500R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3600R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3800R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8166N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR01LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR02LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(JE)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(MF)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Yudai Morii, Takaya Noma, Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet."
}
],
"value": "Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330: Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T04:02:18.281Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-28013",
"datePublished": "2024-03-28T00:57:38.295Z",
"dateReserved": "2024-02-29T08:40:13.581Z",
"dateUpdated": "2025-01-14T04:02:18.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28014 (GCVE-0-2024-28014)
Vulnerability from cvelistv5 – Published: 2024-03-28 00:56 – Updated: 2025-01-14 04:05
VLAI
Summary
Stack-based Buffer Overflow vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command via the internet.
Severity
9.8 (Critical)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
59 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WG1800HP4 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS3 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS2 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | W1200EX(-MS) |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP2 |
Affected:
all versions
|
|
| NEC Corporation | W300P |
Affected:
all versions
|
|
| NEC Corporation | WF800HP |
Affected:
all versions
|
|
| NEC Corporation | WR8165N |
Affected:
all versions
|
|
| NEC Corporation | WG2200HP |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP2 |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP |
Affected:
all versions
|
|
| NEC Corporation | WG600HP |
Affected:
all versions
|
|
| NEC Corporation | WG300HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP |
Affected:
all versions
|
|
| NEC Corporation | WG1400HP |
Affected:
all versions
|
|
| NEC Corporation | WR8175N |
Affected:
all versions
|
|
| NEC Corporation | WR9300N |
Affected:
all versions
|
|
| NEC Corporation | WR8750N |
Affected:
all versions
|
|
| NEC Corporation | WR8160N |
Affected:
all versions
|
|
| NEC Corporation | WR9500N |
Affected:
all versions
|
|
| NEC Corporation | WR8600N |
Affected:
all versions
|
|
| NEC Corporation | WR8370N |
Affected:
all versions
|
|
| NEC Corporation | WR8170N |
Affected:
all versions
|
|
| NEC Corporation | WR8700N |
Affected:
all versions
|
|
| NEC Corporation | WR8300N |
Affected:
all versions
|
|
| NEC Corporation | WR8150N |
Affected:
all versions
|
|
| NEC Corporation | WR4100N |
Affected:
all versions
|
|
| NEC Corporation | WR4500N |
Affected:
all versions
|
|
| NEC Corporation | WR8100N |
Affected:
all versions
|
|
| NEC Corporation | WR8500N |
Affected:
all versions
|
|
| NEC Corporation | CR2500P |
Affected:
all versions
|
|
| NEC Corporation | WR8400N |
Affected:
all versions
|
|
| NEC Corporation | WR8200N |
Affected:
all versions
|
|
| NEC Corporation | WR1200H |
Affected:
all versions
|
|
| NEC Corporation | WR7870S |
Affected:
all versions
|
|
| NEC Corporation | WR6670S |
Affected:
all versions
|
|
| NEC Corporation | WR7850S |
Affected:
all versions
|
|
| NEC Corporation | WR6650S |
Affected:
all versions
|
|
| NEC Corporation | WR6600H |
Affected:
all versions
|
|
| NEC Corporation | WR7800H |
Affected:
all versions
|
|
| NEC Corporation | WM3400RN |
Affected:
all versions
|
|
| NEC Corporation | WM3450RN |
Affected:
all versions
|
|
| NEC Corporation | WM3500R |
Affected:
all versions
|
|
| NEC Corporation | WM3600R |
Affected:
all versions
|
|
| NEC Corporation | WM3800R |
Affected:
all versions
|
|
| NEC Corporation | WR8166N |
Affected:
all versions
|
|
| NEC Corporation | MR01LN |
Affected:
all versions
|
|
| NEC Corporation | MR02LN |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(JE) |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(MF) |
Affected:
all versions
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:47.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:nec:aterm_cr2500p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_mr01ln_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_mr02ln_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_w300p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wf1200hp2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wf1200hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wf300hp2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wf300hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wf800hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hp2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hp3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hs2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hs3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hs_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1400hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1800hp2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1800hp3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1800hp4_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1800hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1810hp\\(je\\)_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1810hp\\(mf\\)_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1900hp2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1900hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg2200hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg300hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg600hp_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wm3400rn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wm3450rn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wm3500r_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wm3600r_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wm3800r_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr1200h_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr4100n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr4500n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr6600h_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr6650s_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr6670s_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr7800h_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr7850s_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr7870s_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8100n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8150n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8160n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8165n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8166n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8170n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8175n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8200n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8300n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8370n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8400n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8500n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8600n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8700n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8750n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr9300n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr9500n_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_w1200ex\\(-ms\\)_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aterm_w1200ex\\(-ms\\)_firmware",
"vendor": "nec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28014",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-23T17:36:07.288926Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-23T18:42:34.009Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WG1800HP4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W1200EX(-MS)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W300P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8165N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG600HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1400HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8175N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8750N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8160N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8600N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8370N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8170N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8700N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8150N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "CR2500P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8400N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8200N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR1200H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7870S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6670S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7850S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6650S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6600H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7800H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3400RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3450RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3500R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3600R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3800R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8166N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR01LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR02LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(JE)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(MF)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Stack-based Buffer Overflow vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command via the internet."
}
],
"value": "Stack-based Buffer Overflow vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command via the internet."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T04:05:52.531Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-28014",
"datePublished": "2024-03-28T00:56:39.075Z",
"dateReserved": "2024-02-29T08:40:13.582Z",
"dateUpdated": "2025-01-14T04:05:52.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28015 (GCVE-0-2024-28015)
Vulnerability from cvelistv5 – Published: 2024-03-28 00:56 – Updated: 2025-01-14 04:07
VLAI
Summary
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command with the root privilege via the internet.
Severity
9.8 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command
Assigner
References
1 reference
Impacted products
59 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WG1800HP4 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS3 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS2 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | W1200EX(-MS) |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP2 |
Affected:
all versions
|
|
| NEC Corporation | W300P |
Affected:
all versions
|
|
| NEC Corporation | WF800HP |
Affected:
all versions
|
|
| NEC Corporation | WR8165N |
Affected:
all versions
|
|
| NEC Corporation | WG2200HP |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP2 |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP |
Affected:
all versions
|
|
| NEC Corporation | WG600HP |
Affected:
all versions
|
|
| NEC Corporation | WG300HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP |
Affected:
all versions
|
|
| NEC Corporation | WG1400HP |
Affected:
all versions
|
|
| NEC Corporation | WR8175N |
Affected:
all versions
|
|
| NEC Corporation | WR9300N |
Affected:
all versions
|
|
| NEC Corporation | WR8750N |
Affected:
all versions
|
|
| NEC Corporation | WR8160N |
Affected:
all versions
|
|
| NEC Corporation | WR9500N |
Affected:
all versions
|
|
| NEC Corporation | WR8600N |
Affected:
all versions
|
|
| NEC Corporation | WR8370N |
Affected:
all versions
|
|
| NEC Corporation | WR8170N |
Affected:
all versions
|
|
| NEC Corporation | WR8700N |
Affected:
all versions
|
|
| NEC Corporation | WR8300N |
Affected:
all versions
|
|
| NEC Corporation | WR8150N |
Affected:
all versions
|
|
| NEC Corporation | WR4100N |
Affected:
all versions
|
|
| NEC Corporation | WR4500N |
Affected:
all versions
|
|
| NEC Corporation | WR8100N |
Affected:
all versions
|
|
| NEC Corporation | WR8500N |
Affected:
all versions
|
|
| NEC Corporation | CR2500P |
Affected:
all versions
|
|
| NEC Corporation | WR8400N |
Affected:
all versions
|
|
| NEC Corporation | WR8200N |
Affected:
all versions
|
|
| NEC Corporation | WR1200H |
Affected:
all versions
|
|
| NEC Corporation | WR7870S |
Affected:
all versions
|
|
| NEC Corporation | WR6670S |
Affected:
all versions
|
|
| NEC Corporation | WR7850S |
Affected:
all versions
|
|
| NEC Corporation | WR6650S |
Affected:
all versions
|
|
| NEC Corporation | WR6600H |
Affected:
all versions
|
|
| NEC Corporation | WR7800H |
Affected:
all versions
|
|
| NEC Corporation | WM3400RN |
Affected:
all versions
|
|
| NEC Corporation | WM3450RN |
Affected:
all versions
|
|
| NEC Corporation | WM3500R |
Affected:
all versions
|
|
| NEC Corporation | WM3600R |
Affected:
all versions
|
|
| NEC Corporation | WM3800R |
Affected:
all versions
|
|
| NEC Corporation | WR8166N |
Affected:
all versions
|
|
| NEC Corporation | MR01LN |
Affected:
all versions
|
|
| NEC Corporation | MR02LN |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(JE) |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(MF) |
Affected:
all versions
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_w1200ex-ms_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wf300hp2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wf800hp_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hp_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hs2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hs_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:h:nec:aterm_wg1800hp3:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1900hp_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8165n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hp3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1900hp2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1200hs3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:nec:aterm_wg1800hp4_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aterm_wg1800hp4_firmware",
"vendor": "nec",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28015",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-02T13:05:24.151876Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T16:41:58.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:48.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WG1800HP4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W1200EX(-MS)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W300P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8165N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG600HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1400HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8175N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8750N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8160N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8600N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8370N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8170N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8700N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8150N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "CR2500P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8400N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8200N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR1200H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7870S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6670S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7850S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6650S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6600H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7800H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3400RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3450RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3500R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3600R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3800R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8166N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR01LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR02LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(JE)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(MF)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command with the root privilege via the internet."
}
],
"value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command with the root privilege via the internet."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T04:07:45.168Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-28015",
"datePublished": "2024-03-28T00:56:20.758Z",
"dateReserved": "2024-02-29T08:40:36.326Z",
"dateUpdated": "2025-01-14T04:07:45.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28016 (GCVE-0-2024-28016)
Vulnerability from cvelistv5 – Published: 2024-03-28 00:55 – Updated: 2025-01-14 04:14
VLAI
Summary
Improper Access Controlvulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to get device informations via the internet.
Severity
6 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
Impacted products
59 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WG1800HP4 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS3 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS2 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | W1200EX(-MS) |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP2 |
Affected:
all versions
|
|
| NEC Corporation | W300P |
Affected:
all versions
|
|
| NEC Corporation | WF800HP |
Affected:
all versions
|
|
| NEC Corporation | WR8165N |
Affected:
all versions
|
|
| NEC Corporation | WG2200HP |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP2 |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP |
Affected:
all versions
|
|
| NEC Corporation | WG600HP |
Affected:
all versions
|
|
| NEC Corporation | WG300HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP |
Affected:
all versions
|
|
| NEC Corporation | WG1400HP |
Affected:
all versions
|
|
| NEC Corporation | WR8175N |
Affected:
all versions
|
|
| NEC Corporation | WR9300N |
Affected:
all versions
|
|
| NEC Corporation | WR8750N |
Affected:
all versions
|
|
| NEC Corporation | WR8160N |
Affected:
all versions
|
|
| NEC Corporation | WR9500N |
Affected:
all versions
|
|
| NEC Corporation | WR8600N |
Affected:
all versions
|
|
| NEC Corporation | WR8370N |
Affected:
all versions
|
|
| NEC Corporation | WR8170N |
Affected:
all versions
|
|
| NEC Corporation | WR8700N |
Affected:
all versions
|
|
| NEC Corporation | WR8300N |
Affected:
all versions
|
|
| NEC Corporation | WR8150N |
Affected:
all versions
|
|
| NEC Corporation | WR4100N |
Affected:
all versions
|
|
| NEC Corporation | WR4500N |
Affected:
all versions
|
|
| NEC Corporation | WR8100N |
Affected:
all versions
|
|
| NEC Corporation | WR8500N |
Affected:
all versions
|
|
| NEC Corporation | CR2500P |
Affected:
all versions
|
|
| NEC Corporation | WR8400N |
Affected:
all versions
|
|
| NEC Corporation | WR8200N |
Affected:
all versions
|
|
| NEC Corporation | WR1200H |
Affected:
all versions
|
|
| NEC Corporation | WR7870S |
Affected:
all versions
|
|
| NEC Corporation | WR6670S |
Affected:
all versions
|
|
| NEC Corporation | WR7850S |
Affected:
all versions
|
|
| NEC Corporation | WR6650S |
Affected:
all versions
|
|
| NEC Corporation | WR6600H |
Affected:
all versions
|
|
| NEC Corporation | WR7800H |
Affected:
all versions
|
|
| NEC Corporation | WM3400RN |
Affected:
all versions
|
|
| NEC Corporation | WM3450RN |
Affected:
all versions
|
|
| NEC Corporation | WM3500R |
Affected:
all versions
|
|
| NEC Corporation | WM3600R |
Affected:
all versions
|
|
| NEC Corporation | WM3800R |
Affected:
all versions
|
|
| NEC Corporation | WR8166N |
Affected:
all versions
|
|
| NEC Corporation | MR01LN |
Affected:
all versions
|
|
| NEC Corporation | MR02LN |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(JE) |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(MF) |
Affected:
all versions
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T18:37:34.619893Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T21:09:12.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:47.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WG1800HP4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W1200EX(-MS)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W300P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8165N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG600HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1400HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8175N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8750N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8160N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8600N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8370N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8170N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8700N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8150N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "CR2500P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8400N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8200N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR1200H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7870S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6670S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7850S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6650S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6600H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7800H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3400RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3450RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3500R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3600R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3800R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8166N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR01LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR02LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(JE)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(MF)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Access Controlvulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to get device informations via the internet."
}
],
"value": "Improper Access Controlvulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to get device informations via the internet."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T04:14:44.988Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-28016",
"datePublished": "2024-03-28T00:55:50.880Z",
"dateReserved": "2024-02-29T08:40:36.327Z",
"dateUpdated": "2025-01-14T04:14:44.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28012 (GCVE-0-2024-28012)
Vulnerability from cvelistv5 – Published: 2024-03-28 00:55 – Updated: 2025-01-14 03:59
VLAI
Summary
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet.
Severity
9.8 (Critical)
CWE
- CWE-287 - Improper Authentication
Assigner
References
1 reference
Impacted products
59 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WG1800HP4 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS3 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP3 |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS2 |
Affected:
all versions
|
|
| NEC Corporation | WG1900HP |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | W1200EX(-MS) |
Affected:
all versions
|
|
| NEC Corporation | WG1200HS |
Affected:
all versions
|
|
| NEC Corporation | WG1200HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP2 |
Affected:
all versions
|
|
| NEC Corporation | W300P |
Affected:
all versions
|
|
| NEC Corporation | WF800HP |
Affected:
all versions
|
|
| NEC Corporation | WR8165N |
Affected:
all versions
|
|
| NEC Corporation | WG2200HP |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP2 |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP2 |
Affected:
all versions
|
|
| NEC Corporation | WF1200HP |
Affected:
all versions
|
|
| NEC Corporation | WG600HP |
Affected:
all versions
|
|
| NEC Corporation | WG300HP |
Affected:
all versions
|
|
| NEC Corporation | WF300HP |
Affected:
all versions
|
|
| NEC Corporation | WG1800HP |
Affected:
all versions
|
|
| NEC Corporation | WG1400HP |
Affected:
all versions
|
|
| NEC Corporation | WR8175N |
Affected:
all versions
|
|
| NEC Corporation | WR9300N |
Affected:
all versions
|
|
| NEC Corporation | WR8750N |
Affected:
all versions
|
|
| NEC Corporation | WR8160N |
Affected:
all versions
|
|
| NEC Corporation | WR9500N |
Affected:
all versions
|
|
| NEC Corporation | WR8600N |
Affected:
all versions
|
|
| NEC Corporation | WR8370N |
Affected:
all versions
|
|
| NEC Corporation | WR8170N |
Affected:
all versions
|
|
| NEC Corporation | WR8700N |
Affected:
all versions
|
|
| NEC Corporation | WR8300N |
Affected:
all versions
|
|
| NEC Corporation | WR8150N |
Affected:
all versions
|
|
| NEC Corporation | WR4100N |
Affected:
all versions
|
|
| NEC Corporation | WR4500N |
Affected:
all versions
|
|
| NEC Corporation | WR8100N |
Affected:
all versions
|
|
| NEC Corporation | WR8500N |
Affected:
all versions
|
|
| NEC Corporation | CR2500P |
Affected:
all versions
|
|
| NEC Corporation | WR8400N |
Affected:
all versions
|
|
| NEC Corporation | WR8200N |
Affected:
all versions
|
|
| NEC Corporation | WR1200H |
Affected:
all versions
|
|
| NEC Corporation | WR7870S |
Affected:
all versions
|
|
| NEC Corporation | WR6670S |
Affected:
all versions
|
|
| NEC Corporation | WR7850S |
Affected:
all versions
|
|
| NEC Corporation | WR6650S |
Affected:
all versions
|
|
| NEC Corporation | WR6600H |
Affected:
all versions
|
|
| NEC Corporation | WR7800H |
Affected:
all versions
|
|
| NEC Corporation | WM3400RN |
Affected:
all versions
|
|
| NEC Corporation | WM3450RN |
Affected:
all versions
|
|
| NEC Corporation | WM3500R |
Affected:
all versions
|
|
| NEC Corporation | WM3600R |
Affected:
all versions
|
|
| NEC Corporation | WM3800R |
Affected:
all versions
|
|
| NEC Corporation | WR8166N |
Affected:
all versions
|
|
| NEC Corporation | MR01LN |
Affected:
all versions
|
|
| NEC Corporation | MR02LN |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(JE) |
Affected:
all versions
|
|
| NEC Corporation | WG1810HP(MF) |
Affected:
all versions
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:47.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1200hp3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1200hp3",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1800hp4:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1800hp4",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1200hs3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1200hs3",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1900hp2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1900hp2",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1800hp3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1800hp3",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1200hs2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1200hs2",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1900hp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1900hp",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1200hp2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1200hp2",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:w1200ex\\/ms\\/:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "w1200ex\\/ms\\/",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1200hs:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1200hs",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1200hp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1200hp",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wf300hp2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wf300hp2",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:w300p:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "w300p",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wf800hp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wf800hp",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8165n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8165n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg2200hp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg2200hp",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wf1200hp2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wf1200hp2",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1800hp2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1800hp2",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wf1200hp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wf1200hp",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg600hp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg600hp",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg300hp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg300hp",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1800hp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1800hp",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1400hp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1400hp",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8175n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8175n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr9300n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr9300n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8750n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8750n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8160n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8160n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr9500n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr9500n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8600n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8600n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8370n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8370n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8170n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8170n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8700n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8700n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8300n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8300n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8150n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8150n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr4100n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr4100n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr4500n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr4500n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8100n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8100n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8500n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8500n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:cr2500p:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cr2500p",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8400n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8400n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8200n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8200n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr1200h:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr1200h",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr7870s:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr7870s",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr6670s:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr6670s",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr7850s:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr7850s",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr6650s:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr6650s",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wm3800r:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wm3800r",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr6600h:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr6600h",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr7800h:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr7800h",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wm3400rn:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wm3400rn",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wm3450rn:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wm3450rn",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wm3500r:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wm3500r",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wm3600r:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wm3600r",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wr8166n:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wr8166n",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:mr01ln:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mr01ln",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:mr02ln:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mr02ln",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1810hp\\/je\\/:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1810hp\\/je\\/",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nec_corporation:wg1810hp\\/mf\\/:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wg1810hp\\/mf\\/",
"vendor": "nec_corporation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28012",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T18:36:14.164270Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T19:27:27.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WG1800HP4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP3",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1900HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W1200EX(-MS)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HS",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "W300P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8165N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG600HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1400HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8175N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8750N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8160N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR9500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8600N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8370N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8170N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8700N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8150N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR4500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8100N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "CR2500P",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8400N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8200N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR1200H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7870S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6670S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7850S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6650S",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR6600H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR7800H",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3400RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3450RN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3500R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3600R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WM3800R",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WR8166N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR01LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "MR02LN",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(JE)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1810HP(MF)",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Katsuhiko Sato and Ryo Kashiro of 00One, Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet."
}
],
"value": "Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T03:59:31.550Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2024-28012",
"datePublished": "2024-03-28T00:55:05.166Z",
"dateReserved": "2024-02-29T08:40:13.581Z",
"dateUpdated": "2025-01-14T03:59:31.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}