Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2024-28008

Disclosure Date: March 28, 2024
CVE-2024-28008
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
WG1800HP4 all versions
WG1200HS3 all versions
WG1900HP2 all versions
WG1200HP3 all versions
WG1800HP3 all versions
WG1200HS2 all versions
WG1900HP all versions
WG1200HP2 all versions
W1200EX(-MS) all versions
WG1200HS all versions
WG1200HP all versions
WF300HP2 all versions
W300P all versions
WF800HP all versions
WR8165N all versions
WG2200HP all versions
WF1200HP2 all versions
WG1800HP2 all versions
WF1200HP all versions
WG600HP all versions
WG300HP all versions
WF300HP all versions
WG1800HP all versions
WG1400HP all versions
WR8175N all versions
WR9300N all versions
WR8750N all versions
WR8160N all versions
WR9500N all versions
WR8600N all versions
WR8370N all versions
WR8170N all versions
WR8700N all versions
WR8300N all versions
WR8150N all versions
WR4100N all versions
WR4500N all versions
WR8100N all versions
WR8500N all versions
CR2500P all versions
WR8400N all versions
WR8200N all versions
WR1200H all versions
WR7870S all versions
WR6670S all versions
WR7850S all versions
WR6650S all versions
WR6600H all versions
WR7800H all versions
WM3400RN all versions
WM3450RN all versions
WM3500R all versions
WM3600R all versions
WM3800R all versions
WR8166N all versions
MR01LN all versions
MR02LN all versions
WG1810HP(JE) all versions
WG1810HP(MF) all versions
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis