cvelistv5 - cve-2024-28013

cve-2024-28013

Vulnerability from cvelistv5

Published

2024-03-28 00:57

Modified

2024-11-19 19:15

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet.

References

▼	URL	Tags
	psirt-info@cyber.jp.nec.com	https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html

Impacted products

▼	Vendor	Product
	NEC Corporation	WG1800HP4
	NEC Corporation	WG1200HS3
	NEC Corporation	WG1900HP2
	NEC Corporation	WG1200HP3
	NEC Corporation	WG1800HP3
	NEC Corporation	WG1200HS2
	NEC Corporation	WG1900HP
	NEC Corporation	WG1200HP2
	NEC Corporation	W1200EX(-MS)
	NEC Corporation	WG1200HS
	NEC Corporation	WG1200HP
	NEC Corporation	WF300HP2
	NEC Corporation	W300P
	NEC Corporation	WF800HP
	NEC Corporation	WR8165N
	NEC Corporation	WG2200HP
	NEC Corporation	WF1200HP2
	NEC Corporation	WG1800HP2
	NEC Corporation	WF1200HP
	NEC Corporation	WG600HP
	NEC Corporation	WG300HP
	NEC Corporation	WF300HP
	NEC Corporation	WG1800HP
	NEC Corporation	WG1400HP
	NEC Corporation	WR8175N
	NEC Corporation	WR9300N
	NEC Corporation	WR8750N
	NEC Corporation	WR8160N
	NEC Corporation	WR9500N
	NEC Corporation	WR8600N
	NEC Corporation	WR8370N
	NEC Corporation	WR8170N
	NEC Corporation	WR8700N
	NEC Corporation	WR8300N
	NEC Corporation	WR8150N
	NEC Corporation	WR4100N
	NEC Corporation	WR4500N
	NEC Corporation	WR8100N
	NEC Corporation	WR8500N
	NEC Corporation	CR2500P
	NEC Corporation	WR8400N
	NEC Corporation	WR8200N
	NEC Corporation	WR1200H
	NEC Corporation	WR7870S
	NEC Corporation	WR6670S
	NEC Corporation	WR7850S
	NEC Corporation	WR6650S
	NEC Corporation	WR6600H
	NEC Corporation	WR7800H
	NEC Corporation	WM3400RN
	NEC Corporation	WM3450RN
	NEC Corporation	WM3500R
	NEC Corporation	WM3600R
	NEC Corporation	WM3800R
	NEC Corporation	WR8166N
	NEC Corporation	MR01LN
	NEC Corporation	MR02LN
	NEC Corporation	WG1810HP(JE)
	NEC Corporation	WG1810HP(MF)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-28013",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T19:14:52.309865Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:15:03.453Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:48:47.644Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "WG1800HP4",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HS3",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1900HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HP3",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1800HP3",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HS2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1900HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "W1200EX(-MS)",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HS",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF300HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "W300P",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF800HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8165N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG2200HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF1200HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1800HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF1200HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG600HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG300HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF300HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1800HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1400HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8175N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR9300N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8750N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8160N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR9500N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8600N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8370N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8170N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8700N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8300N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8150N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR4100N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR4500N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8100N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8500N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "CR2500P",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8400N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8200N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR1200H",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR7870S",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR6670S",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR7850S",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR6650S",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR6600H",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR7800H",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3400RN",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3450RN",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3500R",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3600R",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3800R",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8166N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "MR01LN",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "MR02LN",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1810HP(JE)",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1810HP(MF)",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Yudai Morii, Takaya Noma, Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet."
            }
          ],
          "value": "Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-02T05:30:01.496Z",
        "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "shortName": "NEC"
      },
      "references": [
        {
          "url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
    "assignerShortName": "NEC",
    "cveId": "CVE-2024-28013",
    "datePublished": "2024-03-28T00:57:38.295Z",
    "dateReserved": "2024-02-29T08:40:13.581Z",
    "dateUpdated": "2024-11-19T19:15:03.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-28013\",\"sourceIdentifier\":\"psirt-info@cyber.jp.nec.com\",\"published\":\"2024-03-28T01:15:47.693\",\"lastModified\":\"2024-11-19T20:35:20.507\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet.\"},{\"lang\":\"es\",\"value\":\"Uso de vulnerabilidad de valores insuficientemente aleatorios en NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W30 0P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N , WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN y MR02LN, todas las versiones permiten a un atacante cambiar la configuraci\u00f3n a trav\u00e9s de Internet.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"psirt-info@cyber.jp.nec.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"references\":[{\"url\":\"https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html\",\"source\":\"psirt-info@cyber.jp.nec.com\"}]}}"
  }
}

ghsa-g5x6-qxv4-vxw3

Vulnerability from github

Published

2024-03-28 03:30

Modified

2024-11-19 21:31

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN and MR02LN all versions allows a attacker to change settings via the internet.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-28013"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-28T01:15:47Z",
    "severity": "MODERATE"
  },
  "details": "Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN and MR02LN all versions allows a attacker to change settings via the internet.",
  "id": "GHSA-g5x6-qxv4-vxw3",
  "modified": "2024-11-19T21:31:30Z",
  "published": "2024-03-28T03:30:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28013"
    },
    {
      "type": "WEB",
      "url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

cve-2024-28013

Vulnerability from jvndb

Published

2024-04-05 14:53

Modified

2024-04-05 14:53

Severity ?

8.8 (High) - cvssV3_0 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in NEC Aterm series

Details

Aterm series provided by NEC Corporation contains multiple vulnerabilities listed below. <ul> <li>Incorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28005</li> <li>Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28006</li> <li>Incorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28007</li> <li>Active Debug Code (CWE-489) - CVE-2024-28008</li> <li>Use of Weak Credentials (CWE-1391) - CVE-2024-28009, CVE-2024-28012</li> <li>Use of Hard-coded Credentials (CWE-798) - CVE-2024-28010</li> <li>Inclusion of Undocumented Features (CWE-1242) - CVE-2024-28011</li> <li>Insufficient Session Expiration (CWE-613) - CVE-2024-28013</li> <li>Buffer Overflow (CWE-120) - CVE-2024-28014</li> <li>OS Command Injection in the web management console (CWE-78) - CVE-2024-28015</li> <li>Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28016</li> </ul> The following people reported the vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2024-28005, CVE-2024-28008 Ryo Kashiro, and Katsuhiko Sato, and Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University CVE-2024-28006, CVE-2024-28007, CVE-2024-28009, CVE-2024-28010, CVE-2024-28011, CVE-2024-28012 Ryo Kashiro, and Katsuhiko Sato CVE-2024-28013 Yudai Morii, Takaya Noma, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University CVE-2024-28014, CVE-2024-28015, CVE-2024-28016 Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University

References

▼	Type	URL
	JVN	https://jvn.jp/en/jp/JVN82074338/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28005
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28006
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28007
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28008
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28009
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28010
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28011
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28012
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28013
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28014
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-28015
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-280016
	Buffer Errors(CWE-119)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	Information Exposure(CWE-200)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	Improper Authentication(CWE-287)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	OS Command Injection(CWE-78)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	NEC Corporation	Aterm WM3400RN
	NEC Corporation	Aterm WM3450RN
	NEC Corporation	Aterm WM3600R
	NEC Corporation	Aterm WR8160N
	NEC Corporation	Aterm CR2500P
	NEC Corporation	Aterm MR01LN
	NEC Corporation	Aterm MR02LN
	NEC Corporation	Aterm W1200EX(-MS)
	NEC Corporation	Aterm W300P
	NEC Corporation	Aterm WF1200HP
	NEC Corporation	Aterm WF1200HP2
	NEC Corporation	Aterm WF300HP2
	NEC Corporation	Aterm WF300HP
	NEC Corporation	Aterm WF800HP
	NEC Corporation	Aterm WG1200HP2
	NEC Corporation	Aterm WG1200HP3
	NEC Corporation	Aterm WG1200HP
	NEC Corporation	Aterm WG1200HS2
	NEC Corporation	Aterm WG1200HS3
	NEC Corporation	Aterm WG1200HS
	NEC Corporation	Aterm WG1400HP
	NEC Corporation	Aterm WG1800HP2
	NEC Corporation	Aterm WG1800HP3
	NEC Corporation	Aterm WG1800HP4
	NEC Corporation	Aterm WG1800HP
	NEC Corporation	Aterm WG1810HP(JE)
	NEC Corporation	Aterm WG1810HP(MF)
	NEC Corporation	Aterm WG1900HP2
	NEC Corporation	Aterm WG1900HP
	NEC Corporation	Aterm WG2200HP
	NEC Corporation	Aterm WG300HP
	NEC Corporation	Aterm WG600HP
	NEC Corporation	Aterm WM3500R
	NEC Corporation	Aterm WM3800R
	NEC Corporation	Aterm WR1200H
	NEC Corporation	Aterm WR4100N
	NEC Corporation	Aterm WR4500N
	NEC Corporation	Aterm WR6600H
	NEC Corporation	Aterm WR6650S
	NEC Corporation	Aterm WR6670S
	NEC Corporation	Aterm WR7800H
	NEC Corporation	Aterm WR7850S
	NEC Corporation	Aterm WR7870S
	NEC Corporation	Aterm WR8100N
	NEC Corporation	Aterm WR8150N
	NEC Corporation	Aterm WR8165N
	NEC Corporation	Aterm WR8166N
	NEC Corporation	Aterm WR8170N
	NEC Corporation	Aterm WR8175N
	NEC Corporation	Aterm WR8200N
	NEC Corporation	Aterm WR8300N
	NEC Corporation	Aterm WR8370N
	NEC Corporation	Aterm WR8400N
	NEC Corporation	Aterm WR8500N
	NEC Corporation	Aterm WR8600N
	NEC Corporation	Aterm WR8700N
	NEC Corporation	Aterm WR8750N
	NEC Corporation	Aterm WR9300N
	NEC Corporation	Aterm WR9500N

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000037.html",
  "dc:date": "2024-04-05T14:53+09:00",
  "dcterms:issued": "2024-04-05T14:53+09:00",
  "dcterms:modified": "2024-04-05T14:53+09:00",
  "description": "Aterm series provided by NEC Corporation contains multiple vulnerabilities listed below.\r\n\r\n\u003cul\u003e\r\n\u003cli\u003eIncorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28005\u003c/li\u003e\r\n\u003cli\u003eExposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28006\u003c/li\u003e\r\n\u003cli\u003eIncorrect Permission Assignment for Critical Resource (CWE-732) - CVE-2024-28007\u003c/li\u003e\r\n\u003cli\u003eActive Debug Code (CWE-489) - CVE-2024-28008\u003c/li\u003e\r\n\u003cli\u003eUse of Weak Credentials (CWE-1391) - CVE-2024-28009, CVE-2024-28012\u003c/li\u003e\r\n\u003cli\u003eUse of Hard-coded Credentials (CWE-798) - CVE-2024-28010\u003c/li\u003e\r\n\u003cli\u003eInclusion of Undocumented Features (CWE-1242) - CVE-2024-28011\u003c/li\u003e\r\n\u003cli\u003eInsufficient Session Expiration (CWE-613) - CVE-2024-28013\u003c/li\u003e\r\n\u003cli\u003eBuffer Overflow (CWE-120) - CVE-2024-28014\u003c/li\u003e\r\n\u003cli\u003eOS Command Injection in the web management console (CWE-78) - CVE-2024-28015\u003c/li\u003e\r\n\u003cli\u003eExposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) - CVE-2024-28016\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\r\nThe following people reported the vulnerabilities to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.\r\n\r\nCVE-2024-28005, CVE-2024-28008\r\nRyo Kashiro, and Katsuhiko Sato, and Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University\r\n\r\nCVE-2024-28006, CVE-2024-28007, CVE-2024-28009, CVE-2024-28010, CVE-2024-28011, CVE-2024-28012\r\nRyo Kashiro, and Katsuhiko Sato\r\n\r\nCVE-2024-28013\r\nYudai Morii, Takaya Noma, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University\r\n\r\nCVE-2024-28014, CVE-2024-28015, CVE-2024-28016\r\nTakayuki Sasaki, and Katsunari Yoshioka of Yokohama National University",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000037.html",
  "sec:cpe": [
    {
      "#text": "cpe:/h:nec:atermwm3400rn",
      "@product": "Aterm WM3400RN",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:nec:atermwm3450rn",
      "@product": "Aterm WM3450RN",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:nec:atermwm3600r",
      "@product": "Aterm WM3600R",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:nec:atermwr8160n",
      "@product": "Aterm WR8160N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_cr2500p",
      "@product": "Aterm CR2500P",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_mr01ln",
      "@product": "Aterm MR01LN",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_mr02ln",
      "@product": "Aterm MR02LN",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_w1200ex(-ms)",
      "@product": "Aterm W1200EX(-MS)",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_w300p_firmware",
      "@product": "Aterm W300P",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wf1200hp",
      "@product": "Aterm WF1200HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wf1200hp2",
      "@product": "Aterm WF1200HP2",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wf300hp2_firmware",
      "@product": "Aterm WF300HP2",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wf300hp_firmware",
      "@product": "Aterm WF300HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wf800hp_firmware",
      "@product": "Aterm WF800HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1200hp2_firmware",
      "@product": "Aterm WG1200HP2",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1200hp3_firmware",
      "@product": "Aterm WG1200HP3",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1200hp_firmware",
      "@product": "Aterm WG1200HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1200hs2_firmware",
      "@product": "Aterm WG1200HS2",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1200hs3_firmware",
      "@product": "Aterm WG1200HS3",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1200hs_firmware",
      "@product": "Aterm WG1200HS",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1400hp_firmware",
      "@product": "Aterm WG1400HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1800hp2_firmware",
      "@product": "Aterm WG1800HP2",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1800hp3_firmware",
      "@product": "Aterm WG1800HP3",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1800hp4_firmware",
      "@product": "Aterm WG1800HP4",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1800hp_firmware",
      "@product": "Aterm WG1800HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1810hp(je)",
      "@product": "Aterm WG1810HP(JE)",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1810hp(mf)",
      "@product": "Aterm WG1810HP(MF)",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1900hp2_firmware",
      "@product": "Aterm WG1900HP2",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg1900hp_firmware",
      "@product": "Aterm WG1900HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg2200hp_firmware",
      "@product": "Aterm WG2200HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg300hp_firmware",
      "@product": "Aterm WG300HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wg600hp_firmware",
      "@product": "Aterm WG600HP",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wm3500r",
      "@product": "Aterm WM3500R",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wm3800r",
      "@product": "Aterm WM3800R",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr1200h",
      "@product": "Aterm WR1200H",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr4100n",
      "@product": "Aterm WR4100N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr4500n",
      "@product": "Aterm WR4500N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr6600h",
      "@product": "Aterm WR6600H",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr6650s",
      "@product": "Aterm WR6650S",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr6670s",
      "@product": "Aterm WR6670S",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr7800h",
      "@product": "Aterm WR7800H",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr7850s",
      "@product": "Aterm WR7850S",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr7870s",
      "@product": "Aterm WR7870S",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8100n",
      "@product": "Aterm WR8100N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8150n",
      "@product": "Aterm WR8150N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8165n_firmware",
      "@product": "Aterm WR8165N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8166n",
      "@product": "Aterm WR8166N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8170n_firmware",
      "@product": "Aterm WR8170N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8175n_firmware",
      "@product": "Aterm WR8175N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8200n",
      "@product": "Aterm WR8200N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8300n",
      "@product": "Aterm WR8300N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8370n_firmware",
      "@product": "Aterm WR8370N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8400n",
      "@product": "Aterm WR8400N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8500n",
      "@product": "Aterm WR8500N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8600n_firmware",
      "@product": "Aterm WR8600N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8700n_firmware",
      "@product": "Aterm WR8700N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr8750n_firmware",
      "@product": "Aterm WR8750N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr9300n_firmware",
      "@product": "Aterm WR9300N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nec:aterm_wr9500n_firmware",
      "@product": "Aterm WR9500N",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "8.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2024-000037",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN82074338/index.html",
      "@id": "JVN#82074338",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28005",
      "@id": "CVE-2024-28005",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28006",
      "@id": "CVE-2024-28006",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28007",
      "@id": "CVE-2024-28007",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28008",
      "@id": "CVE-2024-28008",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28009",
      "@id": "CVE-2024-28009",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28010",
      "@id": "CVE-2024-28010",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28011",
      "@id": "CVE-2024-28011",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28012",
      "@id": "CVE-2024-28012",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28013",
      "@id": "CVE-2024-28013",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28014",
      "@id": "CVE-2024-28014",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28015",
      "@id": "CVE-2024-28015",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-280016",
      "@id": "CVE-2024-28016",
      "@source": "CVE"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-119",
      "@title": "Buffer Errors(CWE-119)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-200",
      "@title": "Information Exposure(CWE-200)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-287",
      "@title": "Improper Authentication(CWE-287)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-78",
      "@title": "OS Command Injection(CWE-78)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Multiple vulnerabilities in NEC Aterm series"
}

gsd-2024-28013

Vulnerability from gsd

Modified

2024-03-01 06:03

Details

Aliases

CVE-2024-28013

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-28013"
      ],
      "details": "Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet.",
      "id": "GSD-2024-28013",
      "modified": "2024-03-01T06:03:03.208020Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt-info@cyber.jp.nec.com",
        "ID": "CVE-2024-28013",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "WG1800HP4",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1200HS3",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1900HP2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1200HP3",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1800HP3",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1200HS2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1900HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1200HP2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "W1200EX(-MS)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1200HS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1200HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WF300HP2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "W300P",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WF800HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8165N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG2200HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WF1200HP2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1800HP2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WF1200HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG600HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG300HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WF300HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1800HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1400HP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8175N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR9300N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8750N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8160N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR9500N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8600N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8370N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8170N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8700N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8300N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8150N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR4100N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR4500N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8100N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8500N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "CR2500P",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8400N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8200N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR1200H",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR7870S",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR6670S",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR7850S",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR6650S",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR6600H",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR7800H",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WM3400RN",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WM3450RN",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WM3500R",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WM3600R",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WM3800R",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WR8166N",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MR01LN",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MR02LN",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1810HP(JE)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "WG1810HP(MF)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "NEC Corporation"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Yudai Morii, Takaya Noma, Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-330",
                "lang": "eng",
                "value": "CWE-330: Use of Insufficiently Random Values"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html",
            "refsource": "MISC",
            "url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
          }
        ]
      },
      "source": {
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to change settings via the internet."
          },
          {
            "lang": "es",
            "value": "Uso de vulnerabilidad de valores insuficientemente aleatorios en NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W30 0P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N , WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN y MR02LN, todas las versiones permiten a un atacante cambiar la configuraci\u00f3n a trav\u00e9s de Internet."
          }
        ],
        "id": "CVE-2024-28013",
        "lastModified": "2024-04-02T06:15:15.350",
        "metrics": {},
        "published": "2024-03-28T01:15:47.693",
        "references": [
          {
            "source": "psirt-info@cyber.jp.nec.com",
            "url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
          }
        ],
        "sourceIdentifier": "psirt-info@cyber.jp.nec.com",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-330"
              }
            ],
            "source": "psirt-info@cyber.jp.nec.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2024-28013

Vulnerability from cvelistv5

ghsa-g5x6-qxv4-vxw3

Vulnerability from github

cve-2024-28013

Vulnerability from jvndb

gsd-2024-28013

Vulnerability from gsd

Tags

Sightings

Nomenclature