Vulnerabilities > Aterm

DATE CVE VULNERABILITY TITLE RISK
2021-04-26 CVE-2021-20710 Cross-site Scripting vulnerability in Aterm Wg2600Hs Firmware
Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.5.1 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
network
aterm CWE-79
4.3
2021-01-28 CVE-2021-20622 Cross-site Scripting vulnerability in Aterm Wg2600Hp2 Firmware and Wg2600Hp Firmware
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
network
aterm CWE-79
4.3
2021-01-28 CVE-2021-20621 Cross-Site Request Forgery (CSRF) vulnerability in Aterm Wg2600Hp2 Firmware and Wg2600Hp Firmware
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
aterm CWE-352
6.8
2021-01-28 CVE-2021-20620 Cross-site Scripting vulnerability in Aterm Wg2600Hp Firmware
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
network
aterm CWE-79
4.3
2018-08-24 CVE-2017-12575 Missing Authentication for Critical Function vulnerability in Aterm Wg2600Hp2 Firmware 1.0.2
An issue was discovered on the NEC Aterm WG2600HP2 1.0.2.
network
low complexity
aterm CWE-306
5.0
2016-04-01 CVE-2016-1168 Cross-Site Request Forgery (CSRF) vulnerability in Aterm Wf800Hp Firmware 1.0.17
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users.
network
aterm CWE-352
6.8
2016-04-01 CVE-2016-1167 Cross-Site Request Forgery (CSRF) vulnerability in Aterm Wg300Hp Firmware 1.0.8
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users.
network
aterm CWE-352
6.8
2015-05-01 CVE-2014-8361 The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
network
low complexity
dlink realtek aterm
critical
9.8
2008-04-07 CVE-2008-1142 Permissions, Privileges, and Access Controls vulnerability in multiple products
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.
3.7
2003-03-18 CVE-2003-0067 Remote Security vulnerability in Aterm 0.42
The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g.
network
low complexity
aterm
7.5