First published: Thu Mar 28 2024(Updated: )
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet.
Credit: psirt-info@cyber.jp.nec.com
Affected Software | Affected Version | How to fix |
---|---|---|
NEC Aterm WG1800HP4 | <= | |
Aterm WG1200HS3 | <= | |
NEC Aterm WG1900HP2 Firmware | <= | |
NEC Aterm WG1200HP3 | <= | |
Aterm WG1800HP3 Firmware | <= | |
Aterm WG1200HS2 Firmware | <= | |
NEC Aterm WG1900HP | <= | |
Aterm WG1200HP2 firmware | <= | |
NEC Aterm W1200EX-MS firmware | <= | |
NEC Aterm WG1200HS | <= | |
NEC Aterm WF1200HP | <= | |
NEC Aterm WF300HP2 Firmware | <= | |
NEC Aterm W300P firmware | <= | |
NEC Aterm WF800HP firmware | <= | |
Aterm WR8165N | <= | |
Aterm WG2200HP | <= | |
NEC Aterm WF1200HP2 | <= | |
NEC Aterm WG1800HP2 firmware | <= | |
NEC Aterm WF1200HP | <= | |
Aterm WG600HP | <= | |
NEC Aterm WG300HP firmware | <= | |
NEC Aterm WF300HP firmware | <= | |
NEC Aterm WG1800HP3 | <= | |
Aterm WG1400HP | <= | |
NEC Aterm WR8175N firmware | <= | |
NEC Aterm WR9300N | <= | |
NEC Aterm WR8750N firmware | <= | |
NEC Aterm WR8160N | <= | |
NEC Aterm WR9500N firmware | <= | |
Aterm WR8600N | <= | |
NEC Aterm WR8370N firmware | <= | |
NEC Aterm WR8170N firmware | <= | |
Aterm WR8700N | <= | |
NEC Aterm WR8300N | <= | |
NEC Aterm WR8150N | <= | |
NEC Aterm WR4100N | <= | |
NEC Aterm WR4500N | <= | |
NEC Aterm WR8100N | <= | |
NEC Aterm WR8500N | <= | |
NEC Aterm CR2500P | <= | |
NEC Aterm WR8400N | <= | |
NEC Aterm WR8200N | <= | |
NEC Aterm WR1200H | <= | |
NEC Aterm WR7870S | <= | |
NEC Aterm WR6670S | <= | |
NEC Aterm WR7850S | <= | |
NEC Aterm WR6650S | <= | |
NEC Aterm WR6600H | <= | |
NEC Aterm WR7800H | <= | |
NEC Aterm WM3400RN | <= | |
NEC Aterm WM3450RN | <= | |
NEC Aterm WM3500R | <= | |
NEC Aterm WM3600R | <= | |
NEC Aterm WM3800R | <= | |
NEC Aterm WR8166N | <= | |
NEC Aterm MR01LN | <= | |
NEC Aterm MR02LN | <= | |
NEC Aterm WG1810HP | <= | |
NEC Aterm WG1810HP | <= |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-28007 is classified as a medium severity vulnerability due to improper authentication.
To fix CVE-2024-28007, update the firmware of the affected NEC Aterm devices to the latest version provided by the vendor.
CVE-2024-28007 affects various models including Aterm WG1800HP4, WG1200HS3, WG1900HP2, and several others.
CVE-2024-28007 is an improper authentication vulnerability that can potentially allow unauthorized access.
Yes, NEC has released firmware updates to address the vulnerability described in CVE-2024-28007.