Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-28010

Summary
Assigner-NEC
Assigner Org ID-f2760a35-e0d8-4637-ac4c-cc1a2de3e282
Published At-28 Mar, 2024 | 00:54
Updated At-14 Jan, 2025 | 03:54
Rejected At-
Credits

Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:NEC
Assigner Org ID:f2760a35-e0d8-4637-ac4c-cc1a2de3e282
Published At:28 Mar, 2024 | 00:54
Updated At:14 Jan, 2025 | 03:54
Rejected At:
▼CVE Numbering Authority (CNA)

Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet.

Affected Products
Vendor
NEC CorporationNEC Corporation
Product
WG1800HP4
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1200HS3
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1900HP2
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1200HP3
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1800HP3
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1200HS2
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1900HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1200HP2
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
W1200EX(-MS)
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1200HS
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1200HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WF300HP2
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
W300P
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WF800HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8165N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG2200HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WF1200HP2
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1800HP2
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WF1200HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG600HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG300HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WF300HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1800HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1400HP
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8175N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR9300N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8750N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8160N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR9500N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8600N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8370N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8170N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8700N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8300N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8150N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR4100N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR4500N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8100N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8500N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
CR2500P
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8400N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8200N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR1200H
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR7870S
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR6670S
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR7850S
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR6650S
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR6600H
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR7800H
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WM3400RN
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WM3450RN
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WM3500R
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WM3600R
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WM3800R
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WR8166N
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
MR01LN
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
MR02LN
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1810HP(JE)
Default Status
unknown
Versions
Affected
  • all versions
Vendor
NEC CorporationNEC Corporation
Product
WG1810HP(MF)
Default Status
unknown
Versions
Affected
  • all versions
Problem Types
TypeCWE IDDescription
CWECWE-259CWE-259: Use of Hard-coded Password
Type: CWE
CWE ID: CWE-259
Description: CWE-259: Use of Hard-coded Password
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
Katsuhiko Sato and Ryo Kashiro of 00One, Inc.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://jpn.nec.com/security-info/secinfo/nv24-001_en.html
N/A
Hyperlink: https://jpn.nec.com/security-info/secinfo/nv24-001_en.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
NEC Corporationnec
Product
aterm_wg1800hp4_firmware
CPEs
  • cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_w1200ex-ms_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wf300hp2_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wf800hp_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1200hp_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1200hs2_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1200hs_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:nec:aterm_wg1800hp3:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1900hp_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wr8165n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1200hp3_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1900hp2_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1200hs3_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:nec:aterm_wg1800hp4_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html
x_transferred
Hyperlink: https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt-info@cyber.jp.nec.com
Published At:28 Mar, 2024 | 01:15
Updated At:14 Jan, 2025 | 04:15

Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-259Secondarypsirt-info@cyber.jp.nec.com
CWE ID: CWE-259
Type: Secondary
Source: psirt-info@cyber.jp.nec.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://jpn.nec.com/security-info/secinfo/nv24-001_en.htmlpsirt-info@cyber.jp.nec.com
N/A
https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://jpn.nec.com/security-info/secinfo/nv24-001_en.html
Source: psirt-info@cyber.jp.nec.com
Resource: N/A
Hyperlink: https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

0Records found
Details not found