All the vulnerabilites related to NEC Corporation - Aterm WF1200CR and Aterm WG1200CR
cve-2018-16195
Vulnerability from cvelistv5
Published
2019-01-09 22:00
Modified
2024-08-05 10:17
Severity ?
EPSS score ?
Summary
Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jvn.jp/en/jp/JVN87535892/index.html | third-party-advisory, x_refsource_JVN | |
| https://jpn.nec.com/security-info/secinfo/nv18-021.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| NEC Corporation | Aterm WF1200CR and Aterm WG1200CR |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#87535892",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Aterm WF1200CR and Aterm WG1200CR",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "(Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)"
}
]
}
],
"datePublic": "2019-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#87535892",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-16195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Aterm WF1200CR and Aterm WG1200CR",
"version": {
"version_data": [
{
"version_value": "(Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#87535892",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-021.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-16195",
"datePublished": "2019-01-09T22:00:00",
"dateReserved": "2018-08-30T00:00:00",
"dateUpdated": "2024-08-05T10:17:38.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-16193
Vulnerability from cvelistv5
Published
2019-01-09 22:00
Modified
2024-08-05 10:17
Severity ?
EPSS score ?
Summary
Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jvn.jp/en/jp/JVN87535892/index.html | third-party-advisory, x_refsource_JVN | |
| https://jpn.nec.com/security-info/secinfo/nv18-021.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| NEC Corporation | Aterm WF1200CR and Aterm WG1200CR |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#87535892",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Aterm WF1200CR and Aterm WG1200CR",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "(Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)"
}
]
}
],
"datePublic": "2019-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#87535892",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-16193",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Aterm WF1200CR and Aterm WG1200CR",
"version": {
"version_data": [
{
"version_value": "(Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#87535892",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-021.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-16193",
"datePublished": "2019-01-09T22:00:00",
"dateReserved": "2018-08-30T00:00:00",
"dateUpdated": "2024-08-05T10:17:38.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-16192
Vulnerability from cvelistv5
Published
2019-01-09 22:00
Modified
2024-08-05 10:17
Severity ?
EPSS score ?
Summary
Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allow an attacker on the same network segment to obtain information registered on the device via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jvn.jp/en/jp/JVN87535892/index.html | third-party-advisory, x_refsource_JVN | |
| https://jpn.nec.com/security-info/secinfo/nv18-021.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| NEC Corporation | Aterm WF1200CR and Aterm WG1200CR |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#87535892",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Aterm WF1200CR and Aterm WG1200CR",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "(Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)"
}
]
}
],
"datePublic": "2019-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allow an attacker on the same network segment to obtain information registered on the device via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#87535892",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-16192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Aterm WF1200CR and Aterm WG1200CR",
"version": {
"version_data": [
{
"version_value": "(Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allow an attacker on the same network segment to obtain information registered on the device via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#87535892",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-021.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-16192",
"datePublished": "2019-01-09T22:00:00",
"dateReserved": "2018-08-30T00:00:00",
"dateUpdated": "2024-08-05T10:17:38.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-16194
Vulnerability from cvelistv5
Published
2019-01-09 22:00
Modified
2024-08-05 10:17
Severity ?
EPSS score ?
Summary
Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jvn.jp/en/jp/JVN87535892/index.html | third-party-advisory, x_refsource_JVN | |
| https://jpn.nec.com/security-info/secinfo/nv18-021.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| NEC Corporation | Aterm WF1200CR and Aterm WG1200CR |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#87535892",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Aterm WF1200CR and Aterm WG1200CR",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "(Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)"
}
]
}
],
"datePublic": "2019-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to execute arbitrary OS commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T21:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#87535892",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-16194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Aterm WF1200CR and Aterm WG1200CR",
"version": {
"version_data": [
{
"version_value": "(Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)"
}
]
}
}
]
},
"vendor_name": "NEC Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#87535892",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN87535892/index.html"
},
{
"name": "https://jpn.nec.com/security-info/secinfo/nv18-021.html",
"refsource": "MISC",
"url": "https://jpn.nec.com/security-info/secinfo/nv18-021.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-16194",
"datePublished": "2019-01-09T22:00:00",
"dateReserved": "2018-08-30T00:00:00",
"dateUpdated": "2024-08-05T10:17:38.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}