CVE-2026-4309

MEDIUM

6.5

Descripcion

Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network.

Detalles CVE

Puntuacion CVSS v3.16.5

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado3/27/2026

Ultima modificacion4/20/2026

Fuentenvd

Avistamientos honeypot0

Productos afectados

nec:aterm_w1200ex-msnec:aterm_w1200ex-ms_firmwarenec:aterm_wf1200crnec:aterm_wf1200cr_firmwarenec:aterm_wg1200crnec:aterm_wg1200cr_firmwarenec:aterm_wg1200hp2nec:aterm_wg1200hp2_firmwarenec:aterm_wg1200hp3nec:aterm_wg1200hp3_firmwarenec:aterm_wg1200hp4nec:aterm_wg1200hp4_firmwarenec:aterm_wg1200hs2nec:aterm_wg1200hs2_firmwarenec:aterm_wg1200hs3nec:aterm_wg1200hs3_firmwarenec:aterm_wg1200hs4nec:aterm_wg1200hs4_firmwarenec:aterm_wg1800hp3nec:aterm_wg1800hp3_firmwarenec:aterm_wg1800hp4nec:aterm_wg1800hp4_firmwarenec:aterm_wg1900hpnec:aterm_wg1900hp2nec:aterm_wg1900hp2_firmwarenec:aterm_wg1900hp_firmwarenec:aterm_wg2600hm4nec:aterm_wg2600hm4_firmwarenec:aterm_wg2600hp4nec:aterm_wg2600hp4_firmwarenec:aterm_wg2600hsnec:aterm_wg2600hs2nec:aterm_wg2600hs2_firmwarenec:aterm_wg2600hs_firmwarenec:aterm_wx1500hpnec:aterm_wx1500hp_firmwarenec:aterm_wx3000hpnec:aterm_wx3000hp_firmwarenec:aterm_wx3600hpnec:aterm_wx3600hp_firmware

Debilidades (CWE)

CWE-862

Referencias

https://jpn.nec.com/security-info/secinfo/nv26-001_en.html(psirt-info@cyber.jp.nec.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.