Vulnerabilities > NEC > Aterm Wg1200Cr Firmware > 1.2.1

DATE CVE VULNERABILITY TITLE RISK
2021-04-26 CVE-2021-20709 Improper Validation of Integrity Check Value vulnerability in NEC products
Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to a specific URL.
network
low complexity
nec CWE-354
critical
 9.0
9.0
2021-04-26 CVE-2021-20708 OS Command Injection vulnerability in NEC products
NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL.
network
low complexity
nec CWE-78
critical
 9.0
9.0
2020-02-21 CVE-2020-5525 OS Command Injection vulnerability in NEC products
Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.
low complexity
nec CWE-78
7.7
7.7
2020-02-21 CVE-2020-5524 OS Command Injection vulnerability in NEC products
Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function.
low complexity
nec CWE-78
8.3
8.3