Improper Authentication Vulnerability in NEC Corporation Aterm Devices
CVE-2024-28006

Currently unrated

Key Information:

Vendor: Nec Corporation
Status: Wg1800HP4; Wg1200hs3; Wg1900HP2; Wg1200HP3
Vendor: CVE Published:; 28 March 2024

🔔 Create Nec Corporation Vulnerability Alert

What is CVE-2024-28006?

An improper authentication vulnerability exists in multiple NEC Aterm devices, including the WG1800HP4 and WG1200HS3 series. This flaw enables an attacker to gain unauthorized access to device information, potentially compromising the security of the network. Users are encouraged to apply recommended security updates immediately to mitigate potential risks. Detailed information can be found on NEC Corporation's security page.

Affected Version(s)

CR2500P all versions

MR01LN all versions

MR02LN all versions

References

https://jpn.nec.com/security-info/secinfo/nv24-001_en.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 28, 2024
Vulnerability Reserved
Feb 29, 2024

Credit

Katsuhiko Sato and Ryo Kashiro of 00One, Inc.