What is the severity of CVE-2024-28012?

CVE-2024-28012 is classified with a medium severity level due to its potential impact on improper authentication.

How do I fix CVE-2024-28012?

To fix CVE-2024-28012, upgrade to the latest firmware version provided by NEC Corporation for your affected Aterm device.

Which devices are affected by CVE-2024-28012?

CVE-2024-28012 affects multiple NEC Aterm devices, including models like WG1800HP4, WG1900HP2, WG1200HS3, and others.

What is the impact of CVE-2024-28012?

The impact of CVE-2024-28012 includes unauthorized access due to improper authentication mechanisms in affected devices.

Is CVE-2024-28012 being actively exploited?

As of now, there is no public information indicating that CVE-2024-28012 is being actively exploited in the wild.

Vulnerability/
CVE-2024-28012

critical

9.8

CWE

287

EPSS

0.043%

28/3/2024

14/1/2025

CVE-2024-28012

First published: Thu Mar 28 2024(Updated: )

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet.

Credit: psirt-info@cyber.jp.nec.com

Affected Software	Affected Version	How to fix
NEC Aterm WG1800HP4
Aterm WG1200HS3
NEC Aterm WG1900HP2 Firmware
NEC Aterm WG1200HP3
Aterm WG1800HP3 Firmware
Aterm WG1200HS2 Firmware
NEC Aterm WG1900HP
Aterm WG1200HP2 firmware
NEC Aterm W1200EX-MS firmware
NEC Aterm WG1200HS
NEC Aterm WF1200HP
NEC Aterm WF300HP2 Firmware
NEC Aterm W300P firmware
NEC Aterm WF800HP firmware
Aterm WR8165N
Aterm WG2200HP
NEC Aterm WF1200HP2
NEC Aterm WG1800HP2 firmware
NEC Aterm WF1200HP
Aterm WG600HP
NEC Aterm WG300HP firmware
NEC Aterm WF300HP firmware
NEC Aterm WG1800HP3
Aterm WG1400HP
NEC Aterm WR8175N firmware
NEC Aterm WR9300N
NEC Aterm WR8750N firmware
NEC Aterm WR8160N
NEC Aterm WR9500N firmware
Aterm WR8600N
NEC Aterm WR8370N firmware
NEC Aterm WR8170N firmware
Aterm WR8700N
NEC Aterm WR8300N
NEC Aterm WR8150N
NEC Aterm WR4100N
NEC Aterm WR4500N
NEC Aterm WR8100N
NEC Aterm WR8500N
NEC Aterm CR2500P
NEC Aterm WR8400N
NEC Aterm WR8200N
NEC Aterm WR1200H
NEC Aterm WR7870S
NEC Aterm WR6670S
NEC Aterm WR7850S
NEC Aterm WR6650S
NEC Aterm WR6600H
NEC Aterm WR7800H
NEC Aterm WM3400RN
NEC Aterm WM3450RN
NEC Aterm WM3500R
NEC Aterm WM3600R
NEC Aterm WM3800R
NEC Aterm WR8166N
NEC Aterm MR01LN
NEC Aterm MR02LN
NEC Aterm WG1810HP
NEC Aterm WG1810HP

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-28012?
CVE-2024-28012 is classified with a medium severity level due to its potential impact on improper authentication.
How do I fix CVE-2024-28012?
To fix CVE-2024-28012, upgrade to the latest firmware version provided by NEC Corporation for your affected Aterm device.
Which devices are affected by CVE-2024-28012?
CVE-2024-28012 affects multiple NEC Aterm devices, including models like WG1800HP4, WG1900HP2, WG1200HS3, and others.
What is the impact of CVE-2024-28012?
The impact of CVE-2024-28012 includes unauthorized access due to improper authentication mechanisms in affected devices.
Is CVE-2024-28012 being actively exploited?
As of now, there is no public information indicating that CVE-2024-28012 is being actively exploited in the wild.

CVE-2024-28012

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-28012?

How do I fix CVE-2024-28012?

Which devices are affected by CVE-2024-28012?

What is the impact of CVE-2024-28012?

Is CVE-2024-28012 being actively exploited?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-28012?

How do I fix CVE-2024-28012?

Which devices are affected by CVE-2024-28012?

What is the impact of CVE-2024-28012?

Is CVE-2024-28012 being actively exploited?