Vendor
Aterm
Products
18
CVEs
6
Across products
38
Status
Private
Products
18- 20 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-8361 | Cri | 0.86 | 9.8 | 0.94 | KEV | May 1, 2015 | The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. |
| CVE-2016-1168 | Hig | 0.57 | 8.8 | 0.00 | Apr 1, 2016 | Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users. | |
| CVE-2016-1167 | Hig | 0.57 | 8.8 | 0.00 | Apr 1, 2016 | Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users. | |
| CVE-2008-1142 | 0.00 | — | 0.00 | Apr 7, 2008 | rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine. | ||
| CVE-2003-0067 | 0.00 | — | 0.01 | Mar 18, 2003 | The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||
| CVE-2003-0024 | 0.00 | — | 0.01 | Mar 3, 2003 | The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. |