ID

VAR-202603-6005


CVE

CVE-2026-4622


DESCRIPTION

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

Trust: 1.0

sources: NVD: CVE-2026-4622

AFFECTED PRODUCTS

vendor:necmodel:aterm wg2600hsscope:ltversion:1.7.2

Trust: 1.0

vendor:necmodel:aterm wf1200crscope:ltversion:1.6.0

Trust: 1.0

vendor:necmodel:aterm wg2600hp4scope:ltversion:1.4.2

Trust: 1.0

vendor:necmodel:aterm wg2600hs2scope:ltversion:1.3.2

Trust: 1.0

vendor:necmodel:aterm gb1200pescope:ltversion:1.3.1

Trust: 1.0

vendor:necmodel:aterm wg2600hm4scope:ltversion:1.4.2

Trust: 1.0

vendor:necmodel:aterm wx3000hp2scope:ltversion:1.3.2

Trust: 1.0

vendor:necmodel:aterm wx3000hpscope:ltversion:2.5.0

Trust: 1.0

vendor:necmodel:aterm wg1200crscope:ltversion:1.5.0

Trust: 1.0

sources: NVD: CVE-2026-4622

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2026-4622
value: CRITICAL

Trust: 1.0

psirt-info@cyber.jp.nec.com: CVE-2026-4622
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2026-4622
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2026-4622 // NVD: CVE-2026-4622

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

sources: NVD: CVE-2026-4622

EXTERNAL IDS

db:NVDid:CVE-2026-4622

Trust: 1.0

sources: NVD: CVE-2026-4622

REFERENCES

url:https://jpn.nec.com/security-info/secinfo/nv26-001_en.html

Trust: 1.0

sources: NVD: CVE-2026-4622

SOURCES

db:NVDid:CVE-2026-4622

LAST UPDATE DATE

2026-06-18T21:34:42.840000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2026-4622date:2026-04-20T15:22:41.390

SOURCES RELEASE DATE

db:NVDid:CVE-2026-4622date:2026-03-27T12:16:21.133