Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-5525

Summary
Assigner-jpcert
Assigner Org ID-ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At-21 Feb, 2020 | 09:15
Updated At-04 Aug, 2024 | 08:30
Rejected At-
Credits

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:jpcert
Assigner Org ID:ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At:21 Feb, 2020 | 09:15
Updated At:04 Aug, 2024 | 08:30
Rejected At:
▼CVE Numbering Authority (CNA)

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.

Affected Products
Vendor
NEC CorporationNEC Corporation
Product
Aterm series
Versions
Affected
  • Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier
Problem Types
TypeCWE IDDescription
textN/AOS Command Injection
Type: text
CWE ID: N/A
Description: OS Command Injection
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://jvn.jp/en/jp/JVN49410695/index.html
x_refsource_MISC
https://jpn.nec.com/security-info/secinfo/nv20-003.html
x_refsource_MISC
Hyperlink: https://jvn.jp/en/jp/JVN49410695/index.html
Resource:
x_refsource_MISC
Hyperlink: https://jpn.nec.com/security-info/secinfo/nv20-003.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://jvn.jp/en/jp/JVN49410695/index.html
x_refsource_MISC
x_transferred
https://jpn.nec.com/security-info/secinfo/nv20-003.html
x_refsource_MISC
x_transferred
Hyperlink: https://jvn.jp/en/jp/JVN49410695/index.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://jpn.nec.com/security-info/secinfo/nv20-003.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:vultures@jpcert.or.jp
Published At:21 Feb, 2020 | 10:15
Updated At:21 Feb, 2020 | 17:39

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.0HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.7HIGH
AV:A/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.7
Base severity: HIGH
Vector:
AV:A/AC:L/Au:S/C:C/I:C/A:C
CPE Matches
NEC Corporation
nec
>>aterm_wg2600hs_firmware>>Versions up to 1.3.2(inclusive)
cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*
NEC Corporation
nec
>>aterm_wg2600hs>>-
cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*
NEC Corporation
nec
>>aterm_wf1200c_firmware>>Versions up to 1.2.1(inclusive)
cpe:2.3:o:nec:aterm_wf1200c_firmware:*:*:*:*:*:*:*:*
NEC Corporation
nec
>>aterm_wf1200c>>-
cpe:2.3:h:nec:aterm_wf1200c:-:*:*:*:*:*:*:*
NEC Corporation
nec
>>aterm_wg1200cr_firmware>>Versions up to 1.2.1(inclusive)
cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*
NEC Corporation
nec
>>aterm_wg1200cr>>-
cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://jpn.nec.com/security-info/secinfo/nv20-003.htmlvultures@jpcert.or.jp
Not Applicable
Third Party Advisory
https://jvn.jp/en/jp/JVN49410695/index.htmlvultures@jpcert.or.jp
Not Applicable
Third Party Advisory
Hyperlink: https://jpn.nec.com/security-info/secinfo/nv20-003.html
Source: vultures@jpcert.or.jp
Resource:
Not Applicable
Third Party Advisory
Hyperlink: https://jvn.jp/en/jp/JVN49410695/index.html
Source: vultures@jpcert.or.jp
Resource:
Not Applicable
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

186Records found
CVE-2020-5534
Matching Score-10
Assigner-JPCERT/CC
ShareView Details
Matching Score-10
Assigner-JPCERT/CC
CVSS Score-8||HIGH
EPSS-0.22% / 44.39%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 09:15
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg2600hs_firmwareaterm_wg2600hsAterm WG2600HS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-3741
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 68.43%
||
7 Day CHG~0.00%
Published-30 Nov, 2023 | 00:55
Updated-02 Dec, 2024 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An OS Command injection vulnerability in NEC Platforms DT900 and DT900S Series all versions allows an attacker to execute any command on the device.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-itk-12dg-1p\(bk\)telitk-6dgs-1\(bk\)telitk-8tcgx-1\(bk\)tel_firmwareitk-6dgs-1p\(bk\)tel_firmwareitk-32lcg-1p\(bk\)tel_firmwareitk-32lcg-1p\(bk\)telitk-6dgs-1a\(bk\)telitk-32tcgs-1\(bk\)tel_firmwareitk-8lcx-1p\(bk\)tel_firmwareitk-32lcgs-1a\(bk\)telitk-12dg-1p\(bk\)tel_firmwareitk-6d-1p\(bk\)tel_firmwareitk-8lcx-1\(bk\)tel_firmwareitk-8tcgx-1p\(bk\)telitk-6dg-1p\(bk\)tel_firmwareitk-8tcgx-1p\(bk\)tel_firmwareitk-32tcg-1p\(bk\)telitk-6d-1\(bk\)tel_firmwareitk-32tcgs-1p\(bk\)telitk-32tcg-1p\(bk\)tel_firmwareitk-32lcgs-1p\(bk\)telitk-32tcgs-1a\(bk\)tel_firmwareitk-6dg-1p\(bk\)telitk-8lcg-1p\(bk\)telitk-8tcgx-1\(bk\)telitk-6d-1\(bk\)telitk-32tcgs-1a\(bk\)telitk-32lcgs-1a\(bk\)tel_firmwareitk-6d-1p\(bk\)telitk-12d-1p\(bk\)tel_firmwareitk-32lcgs-1\(bk\)tel_firmwareitk-8lcx-1p\(bk\)telitk-32lcgs-1p\(bk\)tel_firmwareitk-12d-1\(bk\)tel_firmwareitk-12d-1\(bk\)telitk-6dgs-1\(bk\)tel_firmwareitk-8lcg-1p\(bk\)tel_firmwareitk-6dgs-1a\(bk\)tel_firmwareitk-32tcgs-1\(bk\)telitk-6dgs-1p\(bk\)telitk-32tcgs-1p\(bk\)tel_firmwareitk-32lcgs-1\(bk\)telitk-8lcx-1\(bk\)telitk-12d-1p\(bk\)telITK-6DGS-1P(BK) TELITK-32LCGS-1P(BK) TELITK-6DG-1P(BK)TELITK-32LCGS-1(BK) TELITK-8TCGX-1(BK)TELITK-6DGS-1A(BK) TELITK-8LCG-1P(BK)TELITK-8LCX-1(BK)TELITK-8TCGX-1P(BK)TELITK-32TCG-1P(BK)TELITK-32TCGS-1A(BK) TELITK-12D-1P(BK)TELITK-6D-1(BK)TELITK-32TCGS-1(BK) TELITK-6D-1P(BK)TELITK-6DGS-1(BK) TELITK-32LCGS-1A(BK) TELITK-12D-1(BK)TELITK-32LCG-1P(BK)TELITK-12DG-1P(BK)TELITK-8LCX-1P(BK)TELITK-32TCGS-1P(BK) TEL
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-3333
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-7.2||HIGH
EPSS-0.10% / 27.45%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 01:33
Updated-04 Dec, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wr8175naterm_wr8370n_firmwareaterm_wr8750n_firmwareaterm_wr8370naterm_wf300hpaterm_wr8170naterm_wg600hp_firmwareaterm_wg300hp_firmwareaterm_wg1800hpaterm_wg1800hp2aterm_wg300hpaterm_wg1800hp2_firmwareaterm_wr8600n_firmwareaterm_wf300hp_firmwareaterm_wg1400hp_firmwareaterm_wr9500n_firmwareaterm_wg2200hpaterm_wr9500naterm_wg2200hp_firmwareaterm_wr9300naterm_wg1800hp_firmwareaterm_wg2600hpaterm_wg2600hp2_firmwareaterm_wg600hpaterm_wr8600naterm_wr8170n_firmwareaterm_wr8700n_firmwareaterm_wg2600hp_firmwareaterm_wr9300n_firmwareaterm_wg1400hpaterm_wr8700naterm_wg2600hp2aterm_wr8175n_firmwareaterm_wr8750nAterm WR8170NAterm WG2600HPAterm WR8700NAterm WR9500NAterm WR8175NAterm WG2600HP2Aterm WR9300NAterm WG1800HP2Aterm WG1800HPAterm WR8370NAterm WG2200HPAterm WF300HPAterm WG300HPAterm WG1400HPAterm WR8750NAterm WR8600NAterm WG600HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-25621
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.96% / 76.98%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511 Ver8.2.11 and prior, UNIVERGE WA 1512 Ver8.2.11 and prior, UNIVERGE WA 2020 Ver8.2.11 and prior, UNIVERGE WA 2021 Ver8.2.11 and prior, UNIVERGE WA 2610-AP Ver8.2.11 and prior, UNIVERGE WA 2611-AP Ver8.2.11 and prior, UNIVERGE WA 2611E-AP Ver8.2.11 and prior, UNIVERGE WA WA2612-AP Ver8.2.11 and prior allows a remote attacker to execute arbitrary OS commands.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-univerge_wa2020univerge_wa2611-ap_firmwareuniverge_wa2610-ap_firmwareuniverge_wa1511_firmwareuniverge_wa2611-apuniverge_wa1510_firmwareuniverge_wa1020univerge_wa2612-apuniverge_wa2612-ap_firmwareuniverge_wa2020_firmwareuniverge_wa1510univerge_wa2610-apuniverge_wa1512_firmwareuniverge_wa1512univerge_wa1511univerge_wa2021univerge_wa1020_firmwareuniverge_wa2021_firmwareuniverge_wa2611e-apuniverge_wa2611e-ap_firmwareUNIVERGE DT
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-11546
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-9.3||CRITICAL
EPSS-0.07% / 21.89%
||
7 Day CHG~0.00%
Published-07 Nov, 2025 | 01:09
Updated-12 Nov, 2025 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an attacker sends specially crafted network packets to the product, arbitrary OS commands may be executed without authentication.

Action-Not Available
Vendor-NEC Corporation
Product-CLUSTERPRO X SingleServerSafe for Linux (EXPRESSCLUSTER X SingleServerSafe for Linux)CLUSTERPRO X for Linux (EXPRESSCLUSTER X for Linux)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-0356
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-7.2||HIGH
EPSS-0.21% / 43.52%
||
7 Day CHG+0.05%
Published-15 Jan, 2025 | 07:24
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network.

Action-Not Available
Vendor-NEC Corporation
Product-WX1500HPWX3600HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20711
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 71.27%
||
7 Day CHG~0.00%
Published-26 Apr, 2021 | 00:20
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg2600hs_firmwareaterm_wg2600hsAterm WG2600HS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20708
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.69% / 72.27%
||
7 Day CHG~0.00%
Published-26 Apr, 2021 | 00:20
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200craterm_wg1200craterm_wg1200cr_firmwareaterm_wg2600hs_firmwareaterm_wg2600hsaterm_wf1200cr_firmwareNEC Aterm devices
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20740
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-2.37% / 85.29%
||
7 Day CHG~0.00%
Published-28 Jun, 2021 | 00:50
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08(NEC2.5.4a) and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08(NEC3.4.2) allow remote authenticated attackers to execute arbitrary OS commands with root privileges via unspecified vectors.

Action-Not Available
Vendor-Hitachi, Ltd.NEC Corporation
Product-virtual_file_platformnas_gateway_nh4c_firmwarenas_gateway_nh4a_firmwarenas_gateway_nh4cnas_gateway_nh8b_firmwarenas_gateway_nh8c_firmwarenas_gateway_nh8a_firmwarenas_gateway_nh4anas_gateway_nh4b_firmwarenas_gateway_nh4bnas_gateway_nh8bnas_gateway_nh8anas_gateway_nh8cHitachi Virtual File Platform and NEC Storage M Series NAS Gateway which uses Hitachi Virtual File Platform
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4620
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-7.1||HIGH
EPSS-0.04% / 14.02%
||
7 Day CHG~0.00%
Published-27 Mar, 2026 | 11:53
Updated-20 Apr, 2026 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-aterm_wx3600hpaterm_wx1500hp_firmwareaterm_wx1500hpaterm_wx3600hp_firmwareAterm WX3600HPAterm WX1500HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4622
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-7.1||HIGH
EPSS-0.15% / 35.00%
||
7 Day CHG~0.00%
Published-27 Mar, 2026 | 11:53
Updated-20 Apr, 2026 | 15:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-aterm_wg2600hsaterm_wg2600hs2_firmwareaterm_wg2600hs2aterm_wg2600hm4aterm_gb1200pe_firmwareaterm_wg2600hp4_firmwareaterm_wf1200cr_firmwareaterm_wg1200cr_firmwareaterm_wg2600hp4aterm_wx3000hp_firmwareaterm_wg2600hm4_firmwareaterm_wf1200craterm_gb1200peaterm_wx3000hpaterm_wx3000hp2_firmwareaterm_wx3000hp2aterm_wg1200craterm_wg2600hs_firmwareAterm WG2600HS2Aterm WG2600HM4Aterm WG1200CRAterm GB1200PEAterm WG2600HP4Aterm WF1200CRAterm WG2600HSAterm WX3000HP2Aterm WX3000HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5635
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.41% / 61.98%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 02:25
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-aterm_sa3500gaterm_sa3500g_firmwareAterm SA3500G
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5636
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-6.8||MEDIUM
EPSS-0.24% / 47.89%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 02:25
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-aterm_sa3500gaterm_sa3500g_firmwareAterm SA3500G
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5524
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.22% / 45.27%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 09:15
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200caterm_wg1200craterm_wg1200cr_firmwareaterm_wg2600hs_firmwareaterm_wf1200c_firmwareaterm_wg2600hsAterm series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5685
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.61% / 70.35%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 09:40
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL.

Action-Not Available
Vendor-NEC Corporation
Product-univerge_sv8500univerge_sv9500_firmwareuniverge_sv8500_firmwareuniverge_sv9500UNIVERGE SV9500/SV8500 series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-1999-0043
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.58% / 82.00%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

Action-Not Available
Vendor-bsdin/absdiNetscape (Yahoo Inc.)Internet Systems Consortium, Inc.NEC CorporationRed Hat, Inc.The MITRE Corporation (Caldera)
Product-linuxopenlinuxgoah_intrasvbsd_osnews_serverinngoah_networksvn/absd_oslinuxopenlinuxgoah_intrasvgoah_networksvnews_serverinn
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-40895
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-6.4||MEDIUM
EPSS-1.30% / 80.23%
||
7 Day CHG~0.00%
Published-30 Jul, 2024 | 08:37
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension.

Action-Not Available
Vendor-FFRI Security, Inc.Sky Co., Ltd.ffriskygroupNEC Corporation
Product-FFRI AMCFFRI AMC for ActSecure χEDR Plus Packffri_amcedr_plus_pack_cloudedr_plus_pack
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16195
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.32% / 55.03%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200craterm_wg1200craterm_wg1200cr_firmwareaterm_wf1200cr_firmwareAterm WF1200CR and Aterm WG1200CR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16194
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 69.68%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200craterm_wg1200craterm_wg1200cr_firmwareaterm_wf1200cr_firmwareAterm WF1200CR and Aterm WG1200CR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0629
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 71.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_w300p_firmwareaterm_w300pAterm W300P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0626
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 71.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0636
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 69.68%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0630
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 71.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_w300p_firmwareaterm_w300pAterm W300P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0639
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 69.68%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0625
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 71.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0634
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 69.68%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0628
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 71.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0635
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 69.68%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0631
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 71.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_w300p_firmwareaterm_w300pAterm W300P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0638
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 71.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0627
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 71.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0637
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 71.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-28015
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.79% / 74.45%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 00:56
Updated-29 Sep, 2025 | 12:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command with the root privilege via the internet.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wr1200haterm_wr9500n_firmwareaterm_wg600hpaterm_wg1400hpaterm_wr8750naterm_wm3450rn_firmwareaterm_wg300hpaterm_wg1200hs2aterm_wg1200hs3_firmwareaterm_wg1810hp\(je\)aterm_wr8700naterm_wg1800hp2_firmwareaterm_wm3800raterm_w1200ex-ms_firmwareaterm_wg1800hp2aterm_wg1900hp2_firmwareaterm_mr02lnaterm_wf800hpaterm_wm3600r_firmwareaterm_wg1200hs3aterm_wr8700n_firmwareaterm_wr6600h_firmwareaterm_wg2200hp_firmwareaterm_wf300hpaterm_wr9300naterm_wf800hp_firmwareaterm_wr4500n_firmwareaterm_wg1810hp\(je\)_firmwareaterm_wr6670saterm_wg1800hp4_firmwareaterm_wr9500naterm_wg300hp_firmwareaterm_wr8150n_firmwareaterm_wg1200hpaterm_wr6650saterm_wr8175naterm_wr7850saterm_wr8100n_firmwareaterm_wr7850s_firmwareaterm_wr8200n_firmwareaterm_wm3400rnaterm_cr2500paterm_wr8100naterm_wm3500r_firmwareaterm_w300paterm_wr4100n_firmwareaterm_wm3400rn_firmwareaterm_wr7870saterm_wr8150naterm_wr8165n_firmwareaterm_wr8160n_firmwareaterm_wf1200hp2_firmwareaterm_wr8500n_firmwareaterm_wf300hp2aterm_wg1200hp2aterm_wg1900hpaterm_w1200ex-msaterm_wm3500raterm_w300p_firmwareaterm_wg1800hp3_firmwareaterm_wr7800h_firmwareaterm_wf1200hp_firmwareaterm_wf300hp2_firmwareaterm_wr1200h_firmwareaterm_wr9300n_firmwareaterm_wg1200hs2_firmwareaterm_wg1800hp3aterm_wr8166n_firmwareaterm_wr6650s_firmwareaterm_wg1900hp2aterm_wr6600haterm_wg1200hs_firmwareaterm_wr8165naterm_wr7800haterm_wr8166naterm_wr8370n_firmwareaterm_cr2500p_firmwareaterm_wm3600raterm_wr8160naterm_wf1200hp2aterm_wr4100naterm_mr01ln_firmwareaterm_wm3800r_firmwareaterm_wg1200hp3_firmwareaterm_wr8750n_firmwareaterm_wr8370naterm_mr02ln_firmwareaterm_wg1800hp_firmwareaterm_wr8175n_firmwareaterm_wg1400hp_firmwareaterm_wg1810hp\(mf\)_firmwareaterm_wr8400naterm_wg1200hp2_firmwareaterm_wr4500naterm_wg1810hp\(mf\)aterm_wg1900hp_firmwareaterm_wm3450rnaterm_wr8200naterm_wf300hp_firmwareaterm_wg2200hpaterm_wr7870s_firmwareaterm_wr6670s_firmwareaterm_wg1200hp3aterm_wr8170n_firmwareaterm_wf1200hpaterm_wr8600naterm_wg600hp_firmwareaterm_wr8600n_firmwareaterm_wg1200hsaterm_wg1800hpaterm_wr8500naterm_wg1200hp_firmwareaterm_wr8170naterm_wr8300n_firmwareaterm_mr01lnaterm_wg1800hp4aterm_wr8400n_firmwareaterm_wr8300nWR6600HWM3500RW300PWR8300NWR1200HWR6670SWG600HPWF1200HP2WM3400RNWM3800RWR9300NWR8166NWG1800HP4WG2200HPWR8165NWG1200HS3WR6650SWM3450RNWG1200HSWF300HP2WG1200HP3WG1900HP2WF800HPWR8400NWR9500NWR8100NWF1200HPWR8160NWR7800HWR8500NWG1810HP(JE)WG1810HP(MF)WR4500NWR8200NWR8170NWG1800HP2CR2500PWR8600NWG1800HPWG1200HPWF300HPWM3600RWG1900HPWR8150NWG1200HS2WR4100NWG1400HPWR8370NWR8750NWR8175NWR7870SWG1800HP3WG1200HP2WR7850SMR01LNWG300HPMR02LNWR8700NW1200EX(-MS)aterm_wg1800hp4_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-37564
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8||HIGH
EPSS-0.31% / 54.91%
||
7 Day CHG~0.00%
Published-13 Jul, 2023 | 03:01
Updated-06 Nov, 2024 | 15:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute an arbitrary OS command with a root privilege by sending a specially crafted request. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier, WRC-1167FEBK-S v1.04 and earlier, WRC-1167GHBK3-A v1.24 and earlier, and WRC-1167FEBK-A v1.18 and earlier.

Action-Not Available
Vendor-Elecom Co., Ltd.
Product-wrc-1167ghbk-s_firmwarewrc-1167gebk-s_firmwarewrc-1167febk-s_firmwarewrc-1167gebk-swrc-1167febk-swrc-1167ghbk3-a_firmwarewrc-1167febk-a_firmwarewrc-1167febk-awrc-1167ghbk-swrc-1167ghbk3-aWRC-1167GHBK-SWRC-1167GEBK-SWRC-1167GHBK3-AWRC-1167FEBK-AWRC-1167FEBK-Swrc-1167gebk-swrc-1167febk-swrc-1167febk-awrc-1167ghbk-swrc-1167ghbk3-a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-2486
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8||HIGH
EPSS-90.12% / 99.61%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 11:35
Updated-15 Apr, 2025 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAVLINK WN535K2/WN535K3 os command injection

A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-wn535k2_firmwarewl-wn535k2wl-wn535k3wl-wn535k3_firmwareWN535K2WN535K3
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-4361
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.7||HIGH
EPSS-44.75% / 97.66%
||
7 Day CHG~0.00%
Published-20 Aug, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter.

Action-Not Available
Vendor-n/aHP Inc.
Product-virtual_san_appliancesan\/iqn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-2487
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8||HIGH
EPSS-92.25% / 99.73%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 11:35
Updated-15 Apr, 2025 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAVLINK WN535K2/WN535K3 nightled.cgi os command injection

A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-wn535k2_firmwarewl-wn535k2wl-wn535k3wl-wn535k3_firmwareWN535K2WN535K3
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-2488
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8||HIGH
EPSS-93.32% / 99.82%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 11:35
Updated-15 Apr, 2025 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAVLINK WN535K2/WN535K3 touchlist_sync.cgi os command injection

A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-wn535k3_firmwarewl-wn535k2wl-wn535k2_firmwarewl-wn535k3WN535K2WN535K3
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-3607
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.5||MEDIUM
EPSS-0.27% / 50.40%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 21:00
Updated-02 Aug, 2024 | 07:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
kodbox WebConsole Plug-In webconsole.php.txt Execute os command injection

A vulnerability was found in kodbox 1.26. It has been declared as critical. This vulnerability affects the function Execute of the file webconsole.php.txt of the component WebConsole Plug-In. The manipulation leads to os command injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-233476. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-kodcloudn/a
Product-kodboxkodbox
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34276
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-6.8||MEDIUM
EPSS-0.18% / 40.17%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:57
Updated-13 Mar, 2025 | 21:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability

D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20554.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-2150dir-2150_firmwareDIR-2150dir-2150_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34275
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-6.8||MEDIUM
EPSS-0.18% / 40.17%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:57
Updated-13 Mar, 2025 | 21:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability

D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20553.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-2150dir-2150_firmwareDIR-2150dir-2150_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34278
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-6.8||MEDIUM
EPSS-0.18% / 40.17%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:57
Updated-13 Mar, 2025 | 21:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability

D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20556.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-2150dir-2150_firmwareDIR-2150dir-2150_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-32350
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8||HIGH
EPSS-0.87% / 75.71%
||
7 Day CHG~0.00%
Published-22 May, 2023 | 15:14
Updated-16 Jan, 2025 | 21:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions 00.07.00 through 00.07.03 of Teltonika’s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a malicious name that contains an OS command injection payload.

Action-Not Available
Vendor-teltonika-networksTeltonika
Product-rut300rut955_firmwarerutx11_firmwarerut950rutxr1rut956rut241rutx08rutx09rut300_firmwarerutx12_firmwarerut901rutx10rut360rutx50rut951_firmwarerutx08_firmwarerutx14rut951rutx10_firmwarerut240_firmwarerutx09_firmwarerutx12rut360_firmwarerut956_firmwarerut200_firmwarerutx50_firmwarerut955rutx11rut241_firmwarerut950_firmwarerut901_firmwarerutx14_firmwarerutxr1_firmwarerut240rut200RUT model routers
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-31188
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8||HIGH
EPSS-0.09% / 26.05%
||
7 Day CHG~0.00%
Published-06 Sep, 2023 | 09:28
Updated-27 Sep, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506', and Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616'.

Action-Not Available
Vendor-TP-Link Systems Inc.
Product-archer_c55archer_c50_v3_firmwarearcher_c50_v3archer_c55_firmwareArcher C50Archer C55Archer C20archer_c50_v3_firmwarearcher_c20_firmwarearcher_c55_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16216
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-2.45% / 85.52%
||
7 Day CHG~0.00%
Published-25 Apr, 2019 | 19:52
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection (missing input validation, escaping) in the monitoring or memory status web interface in AudioCodes 405HD (firmware 2.2.12) VoIP phone allows an authenticated remote attacker in the same network as the device to trigger OS commands (like starting telnetd or opening a reverse shell) via a POST request to the web server. In combination with another attack (unauthenticated password change), the attacker can circumvent the authentication requirement.

Action-Not Available
Vendor-audiocodesn/a
Product-405hd_firmware405hdn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-25894
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.05% / 15.84%
||
7 Day CHG~0.00%
Published-18 Feb, 2025 | 00:00
Updated-02 May, 2025 | 15:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the samba_wg and samba_nbn parameters. This vulnerability allows attackers to execute arbitrary operating system (OS) commands via a crafted packet.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dsl-3782dsl-3782_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-25895
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.05% / 15.84%
||
7 Day CHG~0.00%
Published-18 Feb, 2025 | 00:00
Updated-02 May, 2025 | 15:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the public_type parameter. This vulnerability allows attackers to execute arbitrary operating system (OS) commands via a crafted packet.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dsl-3782dsl-3782_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34280
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-6.8||MEDIUM
EPSS-0.18% / 40.17%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:57
Updated-13 Mar, 2025 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability

D-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20559.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-2150dir-2150_firmwareDIR-2150dir-2150_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-2625
Matching Score-4
Assigner-Hitachi Energy
ShareView Details
Matching Score-4
Assigner-Hitachi Energy
CVSS Score-9||CRITICAL
EPSS-0.17% / 37.87%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 16:15
Updated-04 Dec, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system.

Action-Not Available
Vendor-Hitachi Energy Ltd.ABB
Product-txpert_hub_coretec_4_firmwaretxpert_hub_coretec_4TXpert Hub CoreTec 4
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-35031
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.08% / 24.65%
||
7 Day CHG~0.00%
Published-28 Dec, 2021 | 10:36
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-gs1900-24hpv2_firmwaregs1900-10hpxgs1250-12gs1900-24_firmwaregs1900-24e_firmwaregs1900-8gs1900-48hpgs1900-8hp_firmwaregs1900-48_firmwaregs1900-48hpv2_firmwaregs1900-48hpv2gs1900-24epgs1900-24ep_firmwarexgs1210-12xgs1250-12_firmwaregs1900-24hp_firmwaregs1900-24gs1900-8hpgs1900-24egs1900-24hpv2gs1900-8_firmwaregs1900-48gs1900-48hp_firmwaregs1900-16_firmwaregs1900-10hp_firmwaregs1900-16xgs1210-12_firmwaregs1900-24hpGS1900 series firmwareXGS1210 series firmwareXGS1250 series firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found