Search

Find a vulnerability

Search criteria

    11 vulnerabilities found for Aterm WR8600N by NEC Corporation

    JVNDB-2024-000037

    Vulnerability from jvndb - Published: 2024-04-05 14:53 - Updated:2024-04-05 14:53
    Severity
    Summary
    Multiple vulnerabilities in NEC Aterm series
    Details
    Aterm series provided by NEC Corporation contains multiple vulnerabilities listed below.
    • Incorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28005
    • Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28006
    • Incorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28007
    • Active Debug Code (CWE-489) - CVE-2024-28008
    • Use of Weak Credentials (CWE-1391) - CVE-2024-28009, CVE-2024-28012
    • Use of Hard-coded Credentials (CWE-798) - CVE-2024-28010
    • Inclusion of Undocumented Features (CWE-1242) - CVE-2024-28011
    • Insufficient Session Expiration (CWE-613) - CVE-2024-28013
    • Buffer Overflow (CWE-120) - CVE-2024-28014
    • OS Command Injection in the web management console (CWE-78) - CVE-2024-28015
    • Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28016
    The following people reported the vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-28005, CVE-2024-28008 Ryo Kashiro, and Katsuhiko Sato, and Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University CVE-2024-28006, CVE-2024-28007, CVE-2024-28009, CVE-2024-28010, CVE-2024-28011, CVE-2024-28012 Ryo Kashiro, and Katsuhiko Sato CVE-2024-28013 Yudai Morii, Takaya Noma, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University CVE-2024-28014, CVE-2024-28015, CVE-2024-28016 Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University
    Impacted products
    NEC Corporation Aterm WM3400RN
    NEC Corporation Aterm WM3450RN
    NEC Corporation Aterm WM3600R
    NEC Corporation Aterm WR8160N
    NEC Corporation Aterm CR2500P
    NEC Corporation Aterm MR01LN
    NEC Corporation Aterm MR02LN
    NEC Corporation Aterm W1200EX(-MS)
    NEC Corporation Aterm W300P
    NEC Corporation Aterm WF1200HP
    NEC Corporation Aterm WF1200HP2
    NEC Corporation Aterm WF300HP2
    NEC Corporation Aterm WF300HP
    NEC Corporation Aterm WF800HP
    NEC Corporation Aterm WG1200HP2
    NEC Corporation Aterm WG1200HP3
    NEC Corporation Aterm WG1200HP
    NEC Corporation Aterm WG1200HS2
    NEC Corporation Aterm WG1200HS3
    NEC Corporation Aterm WG1200HS
    NEC Corporation Aterm WG1400HP
    NEC Corporation Aterm WG1800HP2
    NEC Corporation Aterm WG1800HP3
    NEC Corporation Aterm WG1800HP4
    NEC Corporation Aterm WG1800HP
    NEC Corporation Aterm WG1810HP(JE)
    NEC Corporation Aterm WG1810HP(MF)
    NEC Corporation Aterm WG1900HP2
    NEC Corporation Aterm WG1900HP
    NEC Corporation Aterm WG2200HP
    NEC Corporation Aterm WG300HP
    NEC Corporation Aterm WG600HP
    NEC Corporation Aterm WM3500R
    NEC Corporation Aterm WM3800R
    NEC Corporation Aterm WR1200H
    NEC Corporation Aterm WR4100N
    NEC Corporation Aterm WR4500N
    NEC Corporation Aterm WR6600H
    NEC Corporation Aterm WR6650S
    NEC Corporation Aterm WR6670S
    NEC Corporation Aterm WR7800H
    NEC Corporation Aterm WR7850S
    NEC Corporation Aterm WR7870S
    NEC Corporation Aterm WR8100N
    NEC Corporation Aterm WR8150N
    NEC Corporation Aterm WR8165N
    NEC Corporation Aterm WR8166N
    NEC Corporation Aterm WR8170N
    NEC Corporation Aterm WR8175N
    NEC Corporation Aterm WR8200N
    NEC Corporation Aterm WR8300N
    NEC Corporation Aterm WR8370N
    NEC Corporation Aterm WR8400N
    NEC Corporation Aterm WR8500N
    NEC Corporation Aterm WR8600N
    NEC Corporation Aterm WR8700N
    NEC Corporation Aterm WR8750N
    NEC Corporation Aterm WR9300N
    NEC Corporation Aterm WR9500N
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000037.html",
      "dc:date": "2024-04-05T14:53+09:00",
      "dcterms:issued": "2024-04-05T14:53+09:00",
      "dcterms:modified": "2024-04-05T14:53+09:00",
      "description": "Aterm series provided by NEC Corporation contains multiple vulnerabilities listed below.\r\n\r\n\u003cul\u003e\r\n\u003cli\u003eIncorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28005\u003c/li\u003e\r\n\u003cli\u003eExposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28006\u003c/li\u003e\r\n\u003cli\u003eIncorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28007\u003c/li\u003e\r\n\u003cli\u003eActive Debug Code (CWE-489) - CVE-2024-28008\u003c/li\u003e\r\n\u003cli\u003eUse of Weak Credentials (CWE-1391) - CVE-2024-28009, CVE-2024-28012\u003c/li\u003e\r\n\u003cli\u003eUse of Hard-coded Credentials (CWE-798) - CVE-2024-28010\u003c/li\u003e\r\n\u003cli\u003eInclusion of Undocumented Features (CWE-1242) - CVE-2024-28011\u003c/li\u003e\r\n\u003cli\u003eInsufficient Session Expiration (CWE-613) - CVE-2024-28013\u003c/li\u003e\r\n\u003cli\u003eBuffer Overflow (CWE-120) - CVE-2024-28014\u003c/li\u003e\r\n\u003cli\u003eOS Command Injection in the web management console (CWE-78) - CVE-2024-28015\u003c/li\u003e\r\n\u003cli\u003eExposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28016\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\r\nThe following people reported the vulnerabilities to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.\r\n\r\nCVE-2024-28005, CVE-2024-28008\r\nRyo Kashiro, and Katsuhiko Sato, and Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University\r\n\r\nCVE-2024-28006, CVE-2024-28007, CVE-2024-28009, CVE-2024-28010, CVE-2024-28011, CVE-2024-28012\r\nRyo Kashiro, and Katsuhiko Sato\r\n\r\nCVE-2024-28013\r\nYudai Morii, Takaya Noma, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University\r\n\r\nCVE-2024-28014, CVE-2024-28015, CVE-2024-28016\r\nTakayuki Sasaki, and Katsunari Yoshioka of Yokohama National University",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000037.html",
      "sec:cpe": [
        {
          "#text": "cpe:/h:nec:atermwm3400rn",
          "@product": "Aterm WM3400RN",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:nec:atermwm3450rn",
          "@product": "Aterm WM3450RN",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:nec:atermwm3600r",
          "@product": "Aterm WM3600R",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:nec:atermwr8160n",
          "@product": "Aterm WR8160N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_cr2500p",
          "@product": "Aterm CR2500P",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_mr01ln",
          "@product": "Aterm MR01LN",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_mr02ln",
          "@product": "Aterm MR02LN",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_w1200ex(-ms)",
          "@product": "Aterm W1200EX(-MS)",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_w300p_firmware",
          "@product": "Aterm W300P",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wf1200hp",
          "@product": "Aterm WF1200HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wf1200hp2",
          "@product": "Aterm WF1200HP2",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wf300hp2_firmware",
          "@product": "Aterm WF300HP2",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wf300hp_firmware",
          "@product": "Aterm WF300HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wf800hp_firmware",
          "@product": "Aterm WF800HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1200hp2_firmware",
          "@product": "Aterm WG1200HP2",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1200hp3_firmware",
          "@product": "Aterm WG1200HP3",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1200hp_firmware",
          "@product": "Aterm WG1200HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1200hs2_firmware",
          "@product": "Aterm WG1200HS2",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1200hs3_firmware",
          "@product": "Aterm WG1200HS3",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1200hs_firmware",
          "@product": "Aterm WG1200HS",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1400hp_firmware",
          "@product": "Aterm WG1400HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1800hp2_firmware",
          "@product": "Aterm WG1800HP2",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1800hp3_firmware",
          "@product": "Aterm WG1800HP3",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1800hp4_firmware",
          "@product": "Aterm WG1800HP4",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1800hp_firmware",
          "@product": "Aterm WG1800HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1810hp(je)",
          "@product": "Aterm WG1810HP(JE)",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1810hp(mf)",
          "@product": "Aterm WG1810HP(MF)",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1900hp2_firmware",
          "@product": "Aterm WG1900HP2",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1900hp_firmware",
          "@product": "Aterm WG1900HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg2200hp_firmware",
          "@product": "Aterm WG2200HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg300hp_firmware",
          "@product": "Aterm WG300HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg600hp_firmware",
          "@product": "Aterm WG600HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wm3500r",
          "@product": "Aterm WM3500R",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wm3800r",
          "@product": "Aterm WM3800R",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr1200h",
          "@product": "Aterm WR1200H",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr4100n",
          "@product": "Aterm WR4100N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr4500n",
          "@product": "Aterm WR4500N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr6600h",
          "@product": "Aterm WR6600H",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr6650s",
          "@product": "Aterm WR6650S",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr6670s",
          "@product": "Aterm WR6670S",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr7800h",
          "@product": "Aterm WR7800H",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr7850s",
          "@product": "Aterm WR7850S",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr7870s",
          "@product": "Aterm WR7870S",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8100n",
          "@product": "Aterm WR8100N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8150n",
          "@product": "Aterm WR8150N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8165n_firmware",
          "@product": "Aterm WR8165N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8166n",
          "@product": "Aterm WR8166N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8170n_firmware",
          "@product": "Aterm WR8170N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8175n_firmware",
          "@product": "Aterm WR8175N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8200n",
          "@product": "Aterm WR8200N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8300n",
          "@product": "Aterm WR8300N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8370n_firmware",
          "@product": "Aterm WR8370N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8400n",
          "@product": "Aterm WR8400N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8500n",
          "@product": "Aterm WR8500N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8600n_firmware",
          "@product": "Aterm WR8600N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8700n_firmware",
          "@product": "Aterm WR8700N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8750n_firmware",
          "@product": "Aterm WR8750N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr9300n_firmware",
          "@product": "Aterm WR9300N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr9500n_firmware",
          "@product": "Aterm WR9500N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "8.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2024-000037",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN82074338/index.html",
          "@id": "JVN#82074338",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28005",
          "@id": "CVE-2024-28005",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28006",
          "@id": "CVE-2024-28006",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28007",
          "@id": "CVE-2024-28007",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28008",
          "@id": "CVE-2024-28008",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28009",
          "@id": "CVE-2024-28009",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28010",
          "@id": "CVE-2024-28010",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28011",
          "@id": "CVE-2024-28011",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28012",
          "@id": "CVE-2024-28012",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28013",
          "@id": "CVE-2024-28013",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28014",
          "@id": "CVE-2024-28014",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28015",
          "@id": "CVE-2024-28015",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-280016",
          "@id": "CVE-2024-28016",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-119",
          "@title": "Buffer Errors(CWE-119)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-200",
          "@title": "Information Exposure(CWE-200)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-287",
          "@title": "Improper Authentication(CWE-287)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-78",
          "@title": "OS Command Injection(CWE-78)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Multiple vulnerabilities in NEC Aterm series"
    }

    JVNDB-2023-000066

    Vulnerability from jvndb - Published: 2023-06-27 15:12 - Updated:2024-05-22 18:16
    Severity
    Summary
    Multiple vulnerabilities in Aterm series
    Details
    Aterm series provided by NEC Corporation contain multiple vulnerabilities listed below. * Directory traversal (CWE-22) - CVE-2023-3330 * Directory traversal (CWE-22) - CVE-2023-3331 * Stored cross-site scripting (CWE-79) - CVE-2023-3332 * OS command injection (CWE-78) - CVE-2023-3333 Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000066.html",
      "dc:date": "2024-05-22T18:16+09:00",
      "dcterms:issued": "2023-06-27T15:12+09:00",
      "dcterms:modified": "2024-05-22T18:16+09:00",
      "description": "Aterm series provided by NEC Corporation contain multiple vulnerabilities listed below.\r\n\r\n  * Directory traversal (CWE-22) - CVE-2023-3330\r\n  * Directory traversal (CWE-22) - CVE-2023-3331\r\n  * Stored cross-site scripting (CWE-79) - CVE-2023-3332\r\n  * OS command injection (CWE-78) - CVE-2023-3333\r\n\r\nTaizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000066.html",
      "sec:cpe": [
        {
          "#text": "cpe:/o:nec:aterm_wf300hp_firmware",
          "@product": "Aterm WF300HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1400hp_firmware",
          "@product": "Aterm WG1400HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1800hp2_firmware",
          "@product": "Aterm WG1800HP2",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg1800hp_firmware",
          "@product": "Aterm WG1800HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg2200hp_firmware",
          "@product": "Aterm WG2200HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg2600hp",
          "@product": "Aterm WG2600HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg2600hp2_firmware",
          "@product": "Aterm WG2600HP2",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg300hp_firmware",
          "@product": "Aterm WG300HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wg600hp_firmware",
          "@product": "Aterm WG600HP",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8170n_firmware",
          "@product": "Aterm WR8170N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8175n_firmware",
          "@product": "Aterm WR8175N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8370n_firmware",
          "@product": "Aterm WR8370N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8600n_firmware",
          "@product": "Aterm WR8600N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8700n_firmware",
          "@product": "Aterm WR8700N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8750n_firmware",
          "@product": "Aterm WR8750N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr9300n_firmware",
          "@product": "Aterm WR9300N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr9500n_firmware",
          "@product": "Aterm WR9500N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "7.7",
          "@severity": "High",
          "@type": "Base",
          "@vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
          "@version": "2.0"
        },
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2023-000066",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN38343415/index.html",
          "@id": "JVN#38343415",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-3330",
          "@id": "CVE-2023-3330",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-3331",
          "@id": "CVE-2023-3331",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-3332",
          "@id": "CVE-2023-3332",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-3333",
          "@id": "CVE-2023-3333",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-3330",
          "@id": "CVE-2023-3330",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-3331",
          "@id": "CVE-2023-3331",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-3332",
          "@id": "CVE-2023-3332",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-3333",
          "@id": "CVE-2023-3333",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-22",
          "@title": "Path Traversal(CWE-22)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-78",
          "@title": "OS Command Injection(CWE-78)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "Multiple vulnerabilities in Aterm series"
    }

    JVNDB-2013-000024

    Vulnerability from jvndb - Published: 2013-03-19 13:45 - Updated:2013-06-25 18:19
    Severity
    N/A (UNKNOWN) - -
    Summary
    Multiple NEC mobile routers vulnerable to cross-site request forgery
    Details
    Multiple mobile routers provided by NEC contain a cross-site request forgery vulnerability. Multiple mobile routers provided by NEC contain a vulnerability in web-based management utility, which may result in a cross-site request forgery. Sen UENO of Tricorder Co. Ltd., Hiroshi Kumagai and Kimura Youichi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000024.html",
      "dc:date": "2013-06-25T18:19+09:00",
      "dcterms:issued": "2013-03-19T13:45+09:00",
      "dcterms:modified": "2013-06-25T18:19+09:00",
      "description": "Multiple mobile routers provided by NEC contain a cross-site request forgery vulnerability.\r\n\r\nMultiple mobile routers provided by NEC contain a vulnerability in web-based management utility, which may result in a cross-site request forgery.\r\n\r\nSen UENO of Tricorder Co. Ltd., Hiroshi Kumagai and Kimura Youichi reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000024.html",
      "sec:cpe": [
        {
          "#text": "cpe:/h:nec:atermwm3450rn",
          "@product": "Aterm WM3450RN",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:nec:atermwm3600r",
          "@product": "Aterm WM3600R",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/h:nec:atermwr8160n",
          "@product": "Aterm WR8160N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8170n_firmware",
          "@product": "Aterm WR8170N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8370n_firmware",
          "@product": "Aterm WR8370N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8600n_firmware",
          "@product": "Aterm WR8600N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr8700n_firmware",
          "@product": "Aterm WR8700N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:nec:aterm_wr9500n_firmware",
          "@product": "Aterm WR9500N",
          "@vendor": "NEC Corporation",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000024",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN59503133/index.html",
          "@id": "JVN#59503133",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0717",
          "@id": "CVE-2013-0717",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0717",
          "@id": "CVE-2013-0717",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-352",
          "@title": "Cross-Site Request Forgery(CWE-352)"
        }
      ],
      "title": "Multiple NEC mobile routers vulnerable to cross-site request forgery"
    }

    CVE-2023-3333 (GCVE-0-2023-3333)

    Vulnerability from nvd – Published: 2023-06-28 01:33 – Updated: 2024-12-04 20:54
    VLAI
    Summary
    Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command
    Assigner
    NEC
    Impacted products
    Vendor Product Version
    NEC Corporation Aterm WG2600HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2200HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1400HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WF300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9500N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9300N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8750N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8700N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8600N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8370N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8175N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8170N Affected: all versions
    Create a notification for this product.
    Credits
    Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:55:00.761Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3333",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T20:53:06.426600Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T20:54:19.552Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Aterm WG2600HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1400HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WF300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9500N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9300N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8750N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8700N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8600N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8370N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8175N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8170N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ea attacker\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eexecute an arbitrary OS command with the root privilege, a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efter obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e"
                }
              ],
              "value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-03T02:11:31.242Z",
            "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
            "shortName": "NEC"
          },
          "references": [
            {
              "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nStop using the products or remove the USB storage.\u003cbr\u003e"
                }
              ],
              "value": "\nStop using the products or remove the USB storage.\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "assignerShortName": "NEC",
        "cveId": "CVE-2023-3333",
        "datePublished": "2023-06-28T01:33:27.976Z",
        "dateReserved": "2023-06-20T01:14:11.982Z",
        "dateUpdated": "2024-12-04T20:54:19.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3332 (GCVE-0-2023-3332)

    Vulnerability from nvd – Published: 2023-06-28 01:25 – Updated: 2024-12-04 20:52
    VLAI
    Summary
    Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to  execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation
    Assigner
    NEC
    Impacted products
    Vendor Product Version
    NEC Corporation Aterm WG2600HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2200HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1400HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WF300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9500N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9300N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8750N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8700N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8600N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8370N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8175N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8170N Affected: all versions
    Create a notification for this product.
    Credits
    Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:55:01.051Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3332",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T20:51:46.467696Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T20:52:34.092Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Aterm WG2600HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1400HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WF300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9500N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9300N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8750N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8700N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8600N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8370N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8175N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8170N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ea attacker\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eexecute an arbitrary script, a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efter obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0\n\nexecute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-03T02:10:55.668Z",
            "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
            "shortName": "NEC"
          },
          "references": [
            {
              "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nStop using the products or remove the USB storage.\u003cbr\u003e"
                }
              ],
              "value": "\nStop using the products or remove the USB storage.\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "assignerShortName": "NEC",
        "cveId": "CVE-2023-3332",
        "datePublished": "2023-06-28T01:25:03.905Z",
        "dateReserved": "2023-06-20T01:14:10.138Z",
        "dateUpdated": "2024-12-04T20:52:34.092Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3331 (GCVE-0-2023-3331)

    Vulnerability from nvd – Published: 2023-06-28 01:19 – Updated: 2024-12-04 20:49
    VLAI
    Summary
    Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to delete specific files in the product.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
    Assigner
    NEC
    Impacted products
    Vendor Product Version
    NEC Corporation Aterm WG2600HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2200HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1400HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WF300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9500N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9300N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8750N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8700N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8600N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8370N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8175N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8170N Affected: all versions
    Create a notification for this product.
    Credits
    Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:55:02.734Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3331",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T20:47:49.905817Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T20:49:51.994Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Aterm WG2600HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1400HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WF300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9500N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9300N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8750N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8700N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8600N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8370N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8175N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8170N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ea attacker\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edelete\u003c/span\u003e\n\n specific files in the product\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e"
                }
              ],
              "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0delete\n\n specific files in the product."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-03T02:10:13.150Z",
            "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
            "shortName": "NEC"
          },
          "references": [
            {
              "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nStop using the products or remove the USB storage.\u003cbr\u003e"
                }
              ],
              "value": "\nStop using the products or remove the USB storage.\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "assignerShortName": "NEC",
        "cveId": "CVE-2023-3331",
        "datePublished": "2023-06-28T01:19:45.378Z",
        "dateReserved": "2023-06-20T01:14:08.079Z",
        "dateUpdated": "2024-12-04T20:49:51.994Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3330 (GCVE-0-2023-3330)

    Vulnerability from nvd – Published: 2023-06-28 01:13 – Updated: 2024-12-04 21:42
    VLAI
    Summary
    Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to obtain specific files in the product.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
    Assigner
    NEC
    Impacted products
    Vendor Product Version
    NEC Corporation Aterm WG2600HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2200HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1400HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WF300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9500N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9300N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8750N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8700N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8600N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8370N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8175N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8170N Affected: all versions
    Create a notification for this product.
    Credits
    Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:55:00.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3330",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T20:43:58.758310Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T21:42:54.798Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Aterm WG2600HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1400HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WF300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9500N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9300N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8750N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8700N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8600N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8370N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8175N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8170N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ea attacker\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;obtain specific files in the product\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e"
                }
              ],
              "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0obtain specific files in the product."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-28T00:56:00.401Z",
            "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
            "shortName": "NEC"
          },
          "references": [
            {
              "url": "https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nStop using the products or remove the USB storage.\u003cbr\u003e"
                }
              ],
              "value": "\nStop using the products or remove the USB storage.\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "assignerShortName": "NEC",
        "cveId": "CVE-2023-3330",
        "datePublished": "2023-06-28T01:13:03.181Z",
        "dateReserved": "2023-06-20T01:14:05.654Z",
        "dateUpdated": "2024-12-04T21:42:54.798Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3333 (GCVE-0-2023-3333)

    Vulnerability from cvelistv5 – Published: 2023-06-28 01:33 – Updated: 2024-12-04 20:54
    VLAI
    Summary
    Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command
    Assigner
    NEC
    Impacted products
    Vendor Product Version
    NEC Corporation Aterm WG2600HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2200HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1400HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WF300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9500N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9300N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8750N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8700N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8600N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8370N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8175N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8170N Affected: all versions
    Create a notification for this product.
    Credits
    Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:55:00.761Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3333",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T20:53:06.426600Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T20:54:19.552Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Aterm WG2600HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1400HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WF300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9500N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9300N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8750N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8700N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8600N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8370N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8175N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8170N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ea attacker\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eexecute an arbitrary OS command with the root privilege, a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efter obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e"
                }
              ],
              "value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-03T02:11:31.242Z",
            "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
            "shortName": "NEC"
          },
          "references": [
            {
              "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nStop using the products or remove the USB storage.\u003cbr\u003e"
                }
              ],
              "value": "\nStop using the products or remove the USB storage.\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "assignerShortName": "NEC",
        "cveId": "CVE-2023-3333",
        "datePublished": "2023-06-28T01:33:27.976Z",
        "dateReserved": "2023-06-20T01:14:11.982Z",
        "dateUpdated": "2024-12-04T20:54:19.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3332 (GCVE-0-2023-3332)

    Vulnerability from cvelistv5 – Published: 2023-06-28 01:25 – Updated: 2024-12-04 20:52
    VLAI
    Summary
    Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to  execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation
    Assigner
    NEC
    Impacted products
    Vendor Product Version
    NEC Corporation Aterm WG2600HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2200HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1400HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WF300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9500N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9300N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8750N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8700N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8600N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8370N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8175N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8170N Affected: all versions
    Create a notification for this product.
    Credits
    Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:55:01.051Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3332",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T20:51:46.467696Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T20:52:34.092Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Aterm WG2600HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1400HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WF300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9500N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9300N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8750N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8700N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8600N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8370N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8175N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8170N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ea attacker\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eexecute an arbitrary script, a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efter obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e"
                }
              ],
              "value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0\n\nexecute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-03T02:10:55.668Z",
            "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
            "shortName": "NEC"
          },
          "references": [
            {
              "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nStop using the products or remove the USB storage.\u003cbr\u003e"
                }
              ],
              "value": "\nStop using the products or remove the USB storage.\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "assignerShortName": "NEC",
        "cveId": "CVE-2023-3332",
        "datePublished": "2023-06-28T01:25:03.905Z",
        "dateReserved": "2023-06-20T01:14:10.138Z",
        "dateUpdated": "2024-12-04T20:52:34.092Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3331 (GCVE-0-2023-3331)

    Vulnerability from cvelistv5 – Published: 2023-06-28 01:19 – Updated: 2024-12-04 20:49
    VLAI
    Summary
    Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to delete specific files in the product.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
    Assigner
    NEC
    Impacted products
    Vendor Product Version
    NEC Corporation Aterm WG2600HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2200HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1400HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WF300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9500N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9300N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8750N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8700N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8600N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8370N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8175N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8170N Affected: all versions
    Create a notification for this product.
    Credits
    Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:55:02.734Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3331",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T20:47:49.905817Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T20:49:51.994Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Aterm WG2600HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1400HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WF300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9500N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9300N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8750N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8700N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8600N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8370N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8175N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8170N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ea attacker\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edelete\u003c/span\u003e\n\n specific files in the product\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e"
                }
              ],
              "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0delete\n\n specific files in the product."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-03T02:10:13.150Z",
            "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
            "shortName": "NEC"
          },
          "references": [
            {
              "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nStop using the products or remove the USB storage.\u003cbr\u003e"
                }
              ],
              "value": "\nStop using the products or remove the USB storage.\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "assignerShortName": "NEC",
        "cveId": "CVE-2023-3331",
        "datePublished": "2023-06-28T01:19:45.378Z",
        "dateReserved": "2023-06-20T01:14:08.079Z",
        "dateUpdated": "2024-12-04T20:49:51.994Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3330 (GCVE-0-2023-3330)

    Vulnerability from cvelistv5 – Published: 2023-06-28 01:13 – Updated: 2024-12-04 21:42
    VLAI
    Summary
    Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to obtain specific files in the product.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
    Assigner
    NEC
    Impacted products
    Vendor Product Version
    NEC Corporation Aterm WG2600HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG2200HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP2 Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1800HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG1400HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG600HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WG300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WF300HP Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9500N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR9300N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8750N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8700N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8600N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8370N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8175N Affected: all versions
    Create a notification for this product.
    NEC Corporation Aterm WR8170N Affected: all versions
    Create a notification for this product.
    Credits
    Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:55:00.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3330",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T20:43:58.758310Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T21:42:54.798Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Aterm WG2600HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG2200HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP2",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1800HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG1400HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG600HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WG300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WF300HP",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9500N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR9300N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8750N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8700N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8600N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8370N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8175N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Aterm WR8170N",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ea attacker\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;obtain specific files in the product\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e"
                }
              ],
              "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0obtain specific files in the product."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-28T00:56:00.401Z",
            "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
            "shortName": "NEC"
          },
          "references": [
            {
              "url": "https://jpn.nec.com/security-info/secinfo/nv23-007_en.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nStop using the products or remove the USB storage.\u003cbr\u003e"
                }
              ],
              "value": "\nStop using the products or remove the USB storage.\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "assignerShortName": "NEC",
        "cveId": "CVE-2023-3330",
        "datePublished": "2023-06-28T01:13:03.181Z",
        "dateReserved": "2023-06-20T01:14:05.654Z",
        "dateUpdated": "2024-12-04T21:42:54.798Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }