Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet.
The authentication mechanism in the firmware of NEC Aterm devices contains an implementation flaw of the improper authentication class, which allows bypassing identity verification without providing any credentials. An attacker can send a specially crafted request to the device over the internet (without local access, without user interaction, and without an account) and gain the ability to execute arbitrary system commands. Commands are executed in the context of the root account, meaning with the highest privileges in the system.
An attacker gains full control of the device with root privileges, enabling network configuration modification, traffic interception, malicious software installation, or use of the device as an entry point to the internal network.
Apply patches available from the manufacturer according to references (https://jpn.nec.com/security-info/secinfo/nv24-001_en.html). Until updates are applied, it is recommended to restrict access to the device management panel exclusively from trusted IP addresses and disable remote management over the internet if not absolutely necessary.
All firmware versions of the following NEC Aterm devices: WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN, MR02LN, WG1810HP(JE), and WG1810HP(MF).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNec Aterm Cr2500p
HWNecwszystkie wersjeNec Aterm Cr2500p Firmware
OSNecwszystkie wersjeNec Aterm W1200ex Ms
HWNecwszystkie wersjeNec Aterm W1200ex Ms Firmware
OSNecwszystkie wersjeNec Aterm W300p
HWNecwszystkie wersjeNec Aterm W300p Firmware
OSNecwszystkie wersjeNec Aterm Wf1200hp
HWNecwszystkie wersjeNec Aterm Wf1200hp2
HWNecwszystkie wersjeNec Aterm Wf1200hp2 Firmware
OSNecwszystkie wersjeNec Aterm Wf1200hp Firmware
OSNecwszystkie wersjeNec Aterm Wf300hp
HWNecwszystkie wersjeNec Aterm Wf300hp2
HWNecwszystkie wersjeNec Aterm Wf300hp2 Firmware
OSNecwszystkie wersjeNec Aterm Wf300hp Firmware
OSNecwszystkie wersjeNec Aterm Wf800hp
HWNecwszystkie wersjeNec Aterm Wf800hp Firmware
OSNecwszystkie wersjeNec Aterm Wg1200hp
HWNecwszystkie wersjeNec Aterm Wg1200hp2
HWNecwszystkie wersjeNec Aterm Wg1200hp2 Firmware
OSNecwszystkie wersjeNec Aterm Wg1200hp3
HWNecwszystkie wersjeNec Aterm Wg1200hp3 Firmware
OSNecwszystkie wersjeNec Aterm Wg1200hp Firmware
OSNecwszystkie wersjeNec Aterm Wg1200hs
HWNecwszystkie wersjeNec Aterm Wg1200hs2
HWNecwszystkie wersjeNec Aterm Wg1200hs2 Firmware
OSNecwszystkie wersjeNec Aterm Wg1200hs3
HWNecwszystkie wersjeNec Aterm Wg1200hs3 Firmware
OSNecwszystkie wersjeNec Aterm Wg1200hs Firmware
OSNecwszystkie wersjeNec Aterm Wg1400hp
HWNecwszystkie wersjeNec Aterm Wg1400hp Firmware
OSNecwszystkie wersje
Related vulnerabilities
Hardcoded password w routerach NEC Aterm — zdalne wykonanie poleceń OS
Auth Bypass w NEC Aterm — zdalne wykonanie kodu jako root
Active Debug Code w routerach NEC Aterm — zdalne wykonanie poleceń OS
Auth Bypass w NEC Aterm — zdalne wykonanie poleceń jako root
Ukryta funkcjonalność w routerach NEC Aterm umożliwia RCE z uprawnieniami root