CVSS: 10.0EPSS: 0%CPEs: 59EXPL: 0CVE-2024-28009
https://notcve.org/view.php?id=CVE-2024-28009
28 Mar 2024 — Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650... • https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 59EXPL: 0CVE-2024-28008
https://notcve.org/view.php?id=CVE-2024-28008
28 Mar 2024 — Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H,... • https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html • CWE-489: Active Debug Code •
CVSS: 10.0EPSS: 0%CPEs: 59EXPL: 0CVE-2024-28007
https://notcve.org/view.php?id=CVE-2024-28007
28 Mar 2024 — Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650... • https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 59EXPL: 0CVE-2024-28006
https://notcve.org/view.php?id=CVE-2024-28006
28 Mar 2024 — Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650... • https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2024-28005
https://notcve.org/view.php?id=CVE-2024-28005
28 Mar 2024 — Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R... • https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-250: Execution with Unnecessary Privileges •
CVSS: 10.0EPSS: 0%CPEs: 44EXPL: 0CVE-2023-3741
https://notcve.org/view.php?id=CVE-2023-3741
30 Nov 2023 — An OS Command injection vulnerability in NEC Platforms DT900 and DT900S Series all versions allows an attacker to execute any command on the device. Una vulnerabilidad de inyección de comandos del sistema operativo en NEC Platforms DT900 and DT900S Series, todas las versiones, permite a un atacante ejecutar cualquier comando en el dispositivo. • https://https://jpn.nec.com/security-info/secinfo/nv23-011_en.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 52EXPL: 0CVE-2023-39548
https://notcve.org/view.php?id=CVE-2023-39548
17 Nov 2023 — CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. CLUSTERPRO X Ver5.1 y anteriores y EXPRESSCLUSTER X 5.1 y anteriores, CLUSTERPRO X SingleServerSafe 5.0 y anteriores, EXPRESSCLUSTER X SingleServerSafe 5.0 y anteriores permiten que un atacante inicie sesión en el producto y pueda ejecutar un comando arbitrario. • https://jpn.nec.com/security-info/secinfo/nv23-009_en.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.0EPSS: 0%CPEs: 48EXPL: 0CVE-2023-39547
https://notcve.org/view.php?id=CVE-2023-39547
17 Nov 2023 — CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. CLUSTERPRO X Ver5.1 y anteriores y EXPRESSCLUSTER X 5.1 y anteriores, CLUSTERPRO X SingleServerSafe 5.0 y anteriores, EXPRESSCLUSTER X SingleServerSafe 5.0 y anteriores permiten que un atacante inicie sesión en el producto y pueda ejecutar un comando arbitrario. • https://jpn.nec.com/security-info/secinfo/nv23-009_en.html • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 9.0EPSS: 0%CPEs: 52EXPL: 0CVE-2023-39546
https://notcve.org/view.php?id=CVE-2023-39546
17 Nov 2023 — CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. CLUSTERPRO X Ver5.1 y anteriores y EXPRESSCLUSTER X 5.1 y anteriores, CLUSTERPRO X SingleServerSafe 5.0 y anteriores, EXPRESSCLUSTER X SingleServerSafe 5.0 y anteriores permiten que un atacante inicie sesión en el producto y pueda ejecutar un comando arbitrario. • https://jpn.nec.com/security-info/secinfo/nv23-009_en.html • CWE-836: Use of Password Hash Instead of Password for Authentication •
CVSS: 9.0EPSS: 0%CPEs: 52EXPL: 0CVE-2023-39545
https://notcve.org/view.php?id=CVE-2023-39545
17 Nov 2023 — CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. CLUSTERPRO X Ver5.1 y anteriores y EXPRESSCLUSTER X 5.1 y anteriores, CLUSTERPRO X SingleServerSafe 5.0 y anteriores, EXPRESSCLUSTER X SingleServerSafe 5.0 y anteriores permiten que un atacante inicie sesión en el producto y pueda ejecutar un comando arbitrario. • https://jpn.nec.com/security-info/secinfo/nv23-009_en.html • CWE-552: Files or Directories Accessible to External Parties •