ГлавнаяУязвимости → CVE-2024-28009
9.8критическая

CVE-2024-28009

Описание

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet.

Затрагиваемое ПО
Nec Aterm wg1800hp4 firmwareNec Aterm wg1800hp4Nec Aterm wg1200hs3 firmwareNec Aterm wg1200hs3Nec Aterm wg1900hp2 firmwareNec Aterm wg1900hp2Nec Aterm wg1200hp3 firmwareNec Aterm wg1200hp3Nec Aterm wg1800hp3 firmwareNec Aterm wg1800hp3Nec Aterm wg1200hs2 firmwareNec Aterm wg1200hs2Nec Aterm wg1900hp firmwareNec Aterm wg1900hpNec Aterm wg1200hp2 firmwareNec Aterm wg1200hp2Nec Aterm w1200ex-ms firmwareNec Aterm w1200ex-msNec Aterm wg1200hs firmwareNec Aterm wg1200hsNec Aterm wg1200hp firmwareNec Aterm wg1200hpNec Aterm wf300hp2 firmwareNec Aterm wf300hp2Nec Aterm w300p firmware
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://jpn.nec.com/security-info/secinfo/nv24-001_en.htmlhttps://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html