Vendor CVEs
NEC
All CVEs
142 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0043 | Cri | 0.67 | 9.8 | 0.45 | Dec 4, 1996 | Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. | ||
| CVE-2026-4622 | Cri | 0.64 | 9.8 | 0.01 | Mar 27, 2026 | OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network. | ||
| CVE-2026-4620 | Cri | 0.64 | 9.8 | 0.01 | Mar 27, 2026 | OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network. | ||
| CVE-2026-4619 | Cri | 0.64 | 9.8 | 0.00 | Mar 27, 2026 | Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network. | ||
| CVE-2025-11546 | Cri | 0.60 | — | 0.00 | Nov 7, 2025 | CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an… | ||
| CVE-2024-3016 | Cri | 0.59 | 9.1 | 0.01 | May 14, 2024 | NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user. | ||
| CVE-2016-1168 | Hig | 0.57 | 8.8 | 0.01 | Apr 1, 2016 | Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users. | ||
| CVE-2016-1167 | Hig | 0.57 | 8.8 | 0.01 | Apr 1, 2016 | Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users. | ||
| CVE-2025-12852 | Hig | 0.55 | — | 0.00 | Nov 19, 2025 | DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device. | ||
| CVE-2025-0355 | Hig | 0.49 | 7.5 | 0.01 | Jan 15, 2025 | Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier,… | ||
| CVE-2017-12575 | Hig | 0.49 | 7.5 | 0.02 | Aug 24, 2018 | An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker could exploit this vulnerability by sending a crafted HTTP request to retrieve… | ||
| CVE-2016-1145 | Hig | 0.49 | 7.5 | 0.04 | Jan 30, 2016 | Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors. | ||
| CVE-2025-0356 | Hig | 0.47 | 7.2 | 0.01 | Jan 15, 2025 | NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network. | ||
| CVE-2024-11013 | Hig | 0.47 | 7.2 | 0.01 | Nov 29, 2024 | Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device… | ||
| CVE-2026-4309 | Med | 0.42 | 6.5 | 0.00 | Mar 27, 2026 | Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network. | ||
| CVE-2026-4621 | Med | 0.36 | 5.6 | 0.00 | Mar 27, 2026 | Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network. | ||
| CVE-1999-0011 | Med | 0.36 | 5.4 | 0.05 | Apr 8, 1998 | Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | ||
| CVE-2024-6466 | Med | 0.34 | 5.3 | 0.00 | Jan 21, 2025 | NEC Corporation's WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified. | ||
| CVE-2025-8153 | Med | 0.33 | — | 0.00 | Sep 17, 2025 | Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an… | ||
| CVE-2025-0354 | Med | 0.31 | 4.8 | 0.00 | Jan 15, 2025 | Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to… | ||
| CVE-2024-11014 | Med | 0.28 | 4.3 | 0.00 | Nov 29, 2024 | Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27 and for Ver10.9 up to Ver10.9.14 allows a attacker to hijack the authentication of screens on the device via the management interface. | ||
| CVE-2018-11741 | 0.07 | — | 0.18 | Dec 26, 2018 | NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs. | |||
| CVE-2018-11742 | 0.06 | — | 0.14 | Dec 26, 2018 | NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI. | |||
| CVE-1999-0009 | 0.04 | — | 0.29 | Apr 8, 1998 | Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | |||
| CVE-1999-0208 | 0.04 | — | 0.13 | Dec 12, 1995 | rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. | |||
| CVE-1999-0040 | 0.03 | — | 0.01 | May 1, 1997 | Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. | |||
| CVE-2020-10917 | 0.02 | — | 0.06 | Jul 22, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper… | |||
| CVE-2020-17408 | 0.01 | — | 0.74 | Sep 10, 2020 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper… | |||
| CVE-2002-2368 | 0.01 | — | 0.07 | Dec 31, 2002 | Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in… | |||
| CVE-2025-22022 | 0.00 | — | 0.00 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service… | |||
| CVE-2024-28013 | 0.00 | — | 0.00 | Mar 28, 2024 | Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP,… | |||
| CVE-2024-28014 | 0.00 | — | 0.01 | Mar 28, 2024 | Stack-based Buffer Overflow vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP,… | |||
| CVE-2024-28015 | 0.00 | — | 0.01 | Mar 28, 2024 | Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP,… | |||
| CVE-2024-28016 | 0.00 | — | 0.00 | Mar 28, 2024 | Improper Access Controlvulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,… | |||
| CVE-2024-28012 | 0.00 | — | 0.01 | Mar 28, 2024 | Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,… | |||
| CVE-2024-28011 | 0.00 | — | 0.01 | Mar 28, 2024 | Hidden Functionality vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,… | |||
| CVE-2024-28010 | 0.00 | — | 0.01 | Mar 28, 2024 | Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP,… | |||
| CVE-2024-28009 | 0.00 | — | 0.01 | Mar 28, 2024 | Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,… | |||
| CVE-2024-28008 | 0.00 | — | 0.01 | Mar 28, 2024 | Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP,… | |||
| CVE-2024-28007 | 0.00 | — | 0.01 | Mar 28, 2024 | Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,… | |||
| CVE-2024-28006 | 0.00 | — | 0.00 | Mar 28, 2024 | Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,… | |||
| CVE-2024-28005 | 0.00 | — | 0.00 | Mar 28, 2024 | Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N,… | |||
| CVE-2023-3741 | 0.00 | — | 0.01 | Nov 30, 2023 | An OS Command injection vulnerability in NEC Platforms DT900 and DT900S Series all versions allows an attacker to execute any command on the device. | |||
| CVE-2023-39548 | 0.00 | — | 0.01 | Nov 17, 2023 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | |||
| CVE-2023-39547 | 0.00 | — | 0.01 | Nov 17, 2023 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | |||
| CVE-2023-39546 | 0.00 | — | 0.01 | Nov 17, 2023 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | |||
| CVE-2023-39545 | 0.00 | — | 0.01 | Nov 17, 2023 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | |||
| CVE-2023-39544 | 0.00 | — | 0.01 | Nov 17, 2023 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | |||
| CVE-2023-3333 | 0.00 | — | 0.01 | Jun 28, 2023 | Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all… | |||
| CVE-2023-3332 | 0.00 | — | 0.00 | Jun 28, 2023 | Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all… |
- risk 0.67cvss 9.8epss 0.45
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
- risk 0.64cvss 9.8epss 0.01
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.
- risk 0.64cvss 9.8epss 0.01
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.
- risk 0.64cvss 9.8epss 0.00
Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network.
- risk 0.60cvss —epss 0.00
CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an…
- risk 0.59cvss 9.1epss 0.01
NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users.
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users.
- risk 0.55cvss —epss 0.00
DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device.
- risk 0.49cvss 7.5epss 0.01
Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier,…
- risk 0.49cvss 7.5epss 0.02
An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker could exploit this vulnerability by sending a crafted HTTP request to retrieve…
- risk 0.49cvss 7.5epss 0.04
Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors.
- risk 0.47cvss 7.2epss 0.01
NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network.
- risk 0.47cvss 7.2epss 0.01
Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device…
- risk 0.42cvss 6.5epss 0.00
Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network.
- risk 0.36cvss 5.6epss 0.00
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network.
- risk 0.36cvss 5.4epss 0.05
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
- risk 0.34cvss 5.3epss 0.00
NEC Corporation's WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified.
- risk 0.33cvss —epss 0.00
Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an…
- risk 0.31cvss 4.8epss 0.00
Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to…
- risk 0.28cvss 4.3epss 0.00
Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27 and for Ver10.9 up to Ver10.9.14 allows a attacker to hijack the authentication of screens on the device via the management interface.
- CVE-2018-11741Dec 26, 2018risk 0.07cvss —epss 0.18
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs.
- CVE-2018-11742Dec 26, 2018risk 0.06cvss —epss 0.14
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.
- CVE-1999-0009Apr 8, 1998risk 0.04cvss —epss 0.29
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
- CVE-1999-0208Dec 12, 1995risk 0.04cvss —epss 0.13
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.
- CVE-1999-0040May 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
- CVE-2020-10917Jul 22, 2020risk 0.02cvss —epss 0.06
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper…
- CVE-2020-17408Sep 10, 2020risk 0.01cvss —epss 0.74
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper…
- CVE-2002-2368Dec 31, 2002risk 0.01cvss —epss 0.07
Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in…
- CVE-2025-22022Apr 16, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service…
- CVE-2024-28013Mar 28, 2024risk 0.00cvss —epss 0.00
Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP,…
- CVE-2024-28014Mar 28, 2024risk 0.00cvss —epss 0.01
Stack-based Buffer Overflow vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP,…
- CVE-2024-28015Mar 28, 2024risk 0.00cvss —epss 0.01
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP,…
- CVE-2024-28016Mar 28, 2024risk 0.00cvss —epss 0.00
Improper Access Controlvulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,…
- CVE-2024-28012Mar 28, 2024risk 0.00cvss —epss 0.01
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,…
- CVE-2024-28011Mar 28, 2024risk 0.00cvss —epss 0.01
Hidden Functionality vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,…
- CVE-2024-28010Mar 28, 2024risk 0.00cvss —epss 0.01
Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP,…
- CVE-2024-28009Mar 28, 2024risk 0.00cvss —epss 0.01
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,…
- CVE-2024-28008Mar 28, 2024risk 0.00cvss —epss 0.01
Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP,…
- CVE-2024-28007Mar 28, 2024risk 0.00cvss —epss 0.01
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,…
- CVE-2024-28006Mar 28, 2024risk 0.00cvss —epss 0.00
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP,…
- CVE-2024-28005Mar 28, 2024risk 0.00cvss —epss 0.00
Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N,…
- CVE-2023-3741Nov 30, 2023risk 0.00cvss —epss 0.01
An OS Command injection vulnerability in NEC Platforms DT900 and DT900S Series all versions allows an attacker to execute any command on the device.
- CVE-2023-39548Nov 17, 2023risk 0.00cvss —epss 0.01
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
- CVE-2023-39547Nov 17, 2023risk 0.00cvss —epss 0.01
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
- CVE-2023-39546Nov 17, 2023risk 0.00cvss —epss 0.01
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
- CVE-2023-39545Nov 17, 2023risk 0.00cvss —epss 0.01
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
- CVE-2023-39544Nov 17, 2023risk 0.00cvss —epss 0.01
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
- CVE-2023-3333Jun 28, 2023risk 0.00cvss —epss 0.01
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all…
- CVE-2023-3332Jun 28, 2023risk 0.00cvss —epss 0.00
Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all…
Page 1 of 3