Sign-up

ID

VAR-202403-1924


CVE

CVE-2024-28010


DESCRIPTION

Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet.

Trust: 1.0

sources: NVD: CVE-2024-28010

AFFECTED PRODUCTS

vendor:necmodel:aterm wg1810hp\scope:eqversion: -

Trust: 2.0

vendor:necmodel:aterm wr8600nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wf1200hp2scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1200hp2scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8700nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1200hpscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1200hs3scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wf300hpscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm mr01lnscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8170nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm cr2500pscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg600hpscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1800hp2scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr6670sscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1800hpscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr6650sscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wf300hp2scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr4100nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wm3450rnscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8400nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wf800hpscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr9300nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm w1200ex-msscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8200nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8750nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr9500nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr4500nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1800hp3scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1900hp2scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8175nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1200hsscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm w300pscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr7850sscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1200hs2scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr6600hscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg300hpscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wm3800rscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8160nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8150nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1800hp4scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr7800hscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8100nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wm3500rscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wm3400rnscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1400hpscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8300nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1200hp3scope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8165nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8166nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr1200hscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wm3600rscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8370nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg2200hpscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wf1200hpscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr8500nscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wr7870sscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm mr02lnscope:eqversion: -

Trust: 1.0

vendor:necmodel:aterm wg1900hpscope:eqversion: -

Trust: 1.0

sources: NVD: CVE-2024-28010

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-28010
value: CRITICAL

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-28010
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2024-28010

PROBLEMTYPE DATA

problemtype:CWE-259

Trust: 1.0

sources: NVD: CVE-2024-28010

EXTERNAL IDS

db:NVDid:CVE-2024-28010

Trust: 1.0

sources: NVD: CVE-2024-28010

REFERENCES

url:https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html

Trust: 1.0

url:https://jpn.nec.com/security-info/secinfo/nv24-001_en.html

Trust: 1.0

sources: NVD: CVE-2024-28010

SOURCES

db:NVDid:CVE-2024-28010

LAST UPDATE DATE

2025-09-30T02:47:13.882000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2024-28010date:2025-09-29T13:00:59.280

SOURCES RELEASE DATE

db:NVDid:CVE-2024-28010date:2024-03-28T01:15:47.470