CVE-2024-28007 - Vulnerability Details

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Nec	Aterm W1200ex-ms Firmware Aterm Wf300hp2 Firmware Aterm Wf300hp Firmware Aterm Wf800hp Firmware Aterm Wg1200hp3 Firmware Aterm Wg1200hp Firmware Aterm Wg1200hs2 Firmware Aterm Wg1200hs3 Firmware Aterm Wg1200hs Firmware Aterm Wg1400hp Firmware Aterm Wg1800hp2 Firmware Aterm Wg1800hp3 Aterm Wg1800hp4 Firmware Aterm Wg1800hp Firmware Aterm Wg1900hp2 Firmware Aterm Wg1900hp Firmware Aterm Wg2200hp Firmware Aterm Wg300hp Firmware Aterm Wg600hp Firmware Aterm Wr8165n Firmware Aterm Wr8170n Firmware Aterm Wr8175n Firmware Aterm Wr8370n Firmware Aterm Wr8600n Firmware Aterm Wr8700n Firmware Aterm Wr8750n Firmware Aterm Wr9300n Firmware Aterm Wr9500n Firmware

No data.

References

Link	Providers
https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html
https://jpn.nec.com/security-info/secinfo/nv24-001_en.html

History

Tue, 14 Jan 2025 04:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Nec Nec aterm W1200ex-ms Firmware Nec aterm Wf300hp2 Firmware Nec aterm Wf300hp Firmware Nec aterm Wf800hp Firmware Nec aterm Wg1200hp3 Firmware Nec aterm Wg1200hp Firmware Nec aterm Wg1200hs2 Firmware Nec aterm Wg1200hs3 Firmware Nec aterm Wg1200hs Firmware Nec aterm Wg1400hp Firmware Nec aterm Wg1800hp2 Firmware Nec aterm Wg1800hp3 Nec aterm Wg1800hp4 Firmware Nec aterm Wg1800hp Firmware Nec aterm Wg1900hp2 Firmware Nec aterm Wg1900hp Firmware Nec aterm Wg2200hp Firmware Nec aterm Wg300hp Firmware Nec aterm Wg600hp Firmware Nec aterm Wr8165n Firmware Nec aterm Wr8170n Firmware Nec aterm Wr8175n Firmware Nec aterm Wr8370n Firmware Nec aterm Wr8600n Firmware Nec aterm Wr8700n Firmware Nec aterm Wr8750n Firmware Nec aterm Wr9300n Firmware Nec aterm Wr9500n Firmware
CPEs		cpe:2.3:h:nec:aterm_wg1800hp3:-:::::::* cpe:2.3:o:nec:aterm_w1200ex-ms_firmware:-:::::::* cpe:2.3:o:nec:aterm_wf300hp2_firmware:-:::::::* cpe:2.3:o:nec:aterm_wf300hp_firmware:-:::::::* cpe:2.3:o:nec:aterm_wf800hp_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1200hp3_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1200hp_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1200hs2_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1200hs3_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1200hs_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1800hp4_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1900hp2_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg1900hp_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg300hp_firmware:-:::::::* cpe:2.3:o:nec:aterm_wg600hp_firmware:-:::::::* cpe:2.3:o:nec:aterm_wr8165n_firmware:-:::::::* cpe:2.3:o:nec:aterm_wr8170n_firmware:-:::::::* cpe:2.3:o:nec:aterm_wr8175n_firmware:-:::::::* cpe:2.3:o:nec:aterm_wr8370n_firmware:-:::::::* cpe:2.3:o:nec:aterm_wr8600n_firmware:-:::::::* cpe:2.3:o:nec:aterm_wr8700n_firmware:-:::::::* cpe:2.3:o:nec:aterm_wr8750n_firmware:-:::::::* cpe:2.3:o:nec:aterm_wr9300n_firmware:-:::::::* cpe:2.3:o:nec:aterm_wr9500n_firmware:-:::::::*
Vendors & Products		Nec Nec aterm W1200ex-ms Firmware Nec aterm Wf300hp2 Firmware Nec aterm Wf300hp Firmware Nec aterm Wf800hp Firmware Nec aterm Wg1200hp3 Firmware Nec aterm Wg1200hp Firmware Nec aterm Wg1200hs2 Firmware Nec aterm Wg1200hs3 Firmware Nec aterm Wg1200hs Firmware Nec aterm Wg1400hp Firmware Nec aterm Wg1800hp2 Firmware Nec aterm Wg1800hp3 Nec aterm Wg1800hp4 Firmware Nec aterm Wg1800hp Firmware Nec aterm Wg1900hp2 Firmware Nec aterm Wg1900hp Firmware Nec aterm Wg2200hp Firmware Nec aterm Wg300hp Firmware Nec aterm Wg600hp Firmware Nec aterm Wr8165n Firmware Nec aterm Wr8170n Firmware Nec aterm Wr8175n Firmware Nec aterm Wr8370n Firmware Nec aterm Wr8600n Firmware Nec aterm Wr8700n Firmware Nec aterm Wr8750n Firmware Nec aterm Wr9300n Firmware Nec aterm Wr9500n Firmware
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 14 Jan 2025 04:00:00 +0000

Type	Values Removed	Values Added
References		https://jpn.nec.com/security-info/secinfo/nv24-001_en.html

MITRE

Status: PUBLISHED

Assigner: NEC

Published: 2024-03-28T00:52:05.655Z

Updated: 2025-01-14T03:51:05.642Z

Reserved: 2024-02-29T08:40:07.582Z

Link: CVE-2024-28007

Vulnrichment

Updated: 2024-08-02T00:48:47.624Z

NVD

Status : Awaiting Analysis

Published: 2024-03-28T01:15:47.250

Modified: 2025-01-14T04:15:10.180

Link: CVE-2024-28007

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object