| Assigner | NEC |
| Reserved | 2024-02-29 |
| Published | 2024-03-28 |
| Updated | 2024-08-02 |
Description
Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet.
Product status
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Default status
unknown
all versions
affected
Credits
Katsuhiko Sato and Ryo Kashiro of 00One, Inc. reporter
References
https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html
cve.org CVE-2024-28010
nvd.nist.gov CVE-2024-28010
Download JSON
