| Assigner | jpcert |
| Reserved | 2024-06-06 |
| Published | 2024-07-17 |
| Updated | 2024-08-02 |
Description
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed.
Product status
firmware version 7.4.9 and earlier
affected
firmware version 21.16.1 and earlier
affected
firmware version 21.14.11 and earlier
affected
firmware version 21.11.13 and earlier
affected
firmware version 5.30.9 and earlier
affected
firmware version 5.30.12 and earlier
affected
firmware version 21.8.3 and earlier
affected
firmware version 9.12.15 and earlier
affected
firmware version 21.7.28B and earlier
affected
firmware version 21.15.2 and earlier
affected
firmware version 21.7.30C and earlier
affected
firmware version 6.23.10 and earlier
affected
firmware version 21.15.5 and earlier
affected
firmware version 21.12.9 and earlier
affected
firmware version 21.7.31 and earlier
affected
firmware version 10.1.4 and earlier
affected
firmware version 5.25.21 and earlier
affected
firmware version 5.13.21 and earlier
affected
firmware version 5.22.5M and earlier
affected
firmware version 5.25.7H and earlier
affected
firmware version 5.25.7H and earlier
affected
firmware version 1.4.7 and earlier
affected
References
https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.html
https://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.html
https://jvn.jp/en/vu/JVNVU96424864/
cve.org CVE-2024-36475
nvd.nist.gov CVE-2024-36475
Download JSON
Share this page
https://cve.threatint.com/CVE/CVE-2024-36475
Subscribe to our newsletter to learn more about our work.
