OS Command Injection Vulnerability in NEC Platforms Aterm Series
CVE-2026-4622

7.1HIGH

Key Information:

Vendor: Nec Platforms, Ltd.
Status: Aterm Wg2600hs; Aterm Wf1200cr; Aterm Wg1200cr; Aterm Wg2600HP4
Vendor: CVE Published:; 27 March 2026

🔔 Create Nec Platforms, Ltd. Vulnerability Alert

What is CVE-2026-4622?

An OS command injection vulnerability exists in NEC Platforms Aterm Series, which enables attackers to execute arbitrary OS commands remotely through network interfaces. This can result in unauthorized access and system manipulation, potentially compromising the integrity and confidentiality of the affected systems. Proper security measures and updates are essential to mitigate this risk.

Affected Version(s)

Aterm GB1200PE Before Ver. 1.3.1

Aterm WF1200CR Before Ver. 1.6.0

Aterm WG1200CR Before Ver. 1.5.0

References

https://jpn.nec.com/security-info/secinfo/nv26-001_en.html

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2026
Vulnerability Reserved
Mar 23, 2026

Credit

Zero Zero One Co., Ltd.

CVE-2026-4622 Data

JSON