CVSS: 9.1EPSS: 0%CPEs: 22EXPL: 0CVE-2024-3016
https://notcve.org/view.php?id=CVE-2024-3016
09 May 2024 — NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user. NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 permiten a un atacante acceder a una configuración del sistema no documentada para cambiar la configuración a través de la red local con un usuario no autenticado. • https://jpn.nec.com/security-info/secinfo/nv24-002_en.html • CWE-912: Hidden Functionality •
CVSS: 10.0EPSS: 0%CPEs: 44EXPL: 0CVE-2023-3741
https://notcve.org/view.php?id=CVE-2023-3741
30 Nov 2023 — An OS Command injection vulnerability in NEC Platforms DT900 and DT900S Series all versions allows an attacker to execute any command on the device. Una vulnerabilidad de inyección de comandos del sistema operativo en NEC Platforms DT900 and DT900S Series, todas las versiones, permite a un atacante ejecutar cualquier comando en el dispositivo. • https://https://jpn.nec.com/security-info/secinfo/nv23-011_en.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •