Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet.
The authentication mechanism in the firmware of NEC Aterm devices contains an improper authentication class error that enables bypassing identity verification without knowledge of any credentials. An attacker sending a specially crafted request over the internet can circumvent access control and issue system commands. Commands are executed in the context of the root account, meaning full access to the device's operating system.
Attacker gains full control over the device with root privileges, enabling configuration reading and modification, network traffic interception, DNS settings changes, and leveraging the device as an entry point to the local network.
Security patches from the manufacturer should be applied according to references (https://jpn.nec.com/security-info/secinfo/nv24-001_en.html). Until updates are deployed, it is recommended to block internet access to device management panels and restrict the administrative interface exposure exclusively to trusted IP addresses on the local network.
All firmware versions of the following NEC Aterm devices: WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN, MR02LN, WG1810HP(JE), and WG1810HP(MF).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNec Aterm Cr2500p
HWNecwszystkie wersjeNec Aterm Cr2500p Firmware
OSNecwszystkie wersjeNec Aterm Mr01ln
HWNecwszystkie wersjeNec Aterm Mr01ln Firmware
OSNecwszystkie wersjeNec Aterm Mr02ln
HWNecwszystkie wersjeNec Aterm Mr02ln Firmware
OSNecwszystkie wersjeNec Aterm W300p
HWNecwszystkie wersjeNec Aterm W300p Firmware
OSNecwszystkie wersjeNec Aterm Wf1200hp
HWNecwszystkie wersjeNec Aterm Wf1200hp2
HWNecwszystkie wersjeNec Aterm Wf1200hp2 Firmware
OSNecwszystkie wersjeNec Aterm Wf1200hp Firmware
OSNecwszystkie wersjeNec Aterm Wf300hp
HWNecwszystkie wersjeNec Aterm Wf300hp2
HWNecwszystkie wersjeNec Aterm Wf300hp2 Firmware
OSNecwszystkie wersjeNec Aterm Wf300hp Firmware
OSNecwszystkie wersjeNec Aterm Wf800hp
HWNecwszystkie wersjeNec Aterm Wf800hp Firmware
OSNecwszystkie wersjeNec Aterm Wg1200hs3
HWNecwszystkie wersjeNec Aterm Wg1200hs3 Firmware
OSNecwszystkie wersjeNec Aterm Wg1400hp
HWNecwszystkie wersjeNec Aterm Wg1400hp Firmware
OSNecwszystkie wersjeNec Aterm Wg1800hp
HWNecwszystkie wersjeNec Aterm Wg1800hp2
HWNecwszystkie wersjeNec Aterm Wg1800hp2 Firmware
OSNecwszystkie wersjeNec Aterm Wg1800hp4
HWNecwszystkie wersjeNec Aterm Wg1800hp4 Firmware
OSNecwszystkie wersjeNec Aterm Wg1800hp Firmware
OSNecwszystkie wersjeNec Aterm Wg1810hp\(je\)
HWNecwszystkie wersjeNec Aterm Wg1810hp\(je\) Firmware
OSNecwszystkie wersje
Related vulnerabilities
Ukryta funkcjonalność w routerach NEC Aterm umożliwia RCE z uprawnieniami root
Hardcoded password w routerach NEC Aterm — zdalne wykonanie poleceń OS
Auth Bypass w NEC Aterm — zdalne wykonanie kodu jako root
Active Debug Code w routerach NEC Aterm — zdalne wykonanie poleceń OS
Auth Bypass w NEC Aterm — zdalne wykonanie kodu jako root