Wg2600hp2 Firmware

wg2600hp2_firmware

Vendor: Aterm • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-20622 1Aterm 2Wg2600hp2 Firmware Wg2600hp Firmware Nov 21, 2024 Jan 28, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2021-20621 1Aterm 2Wg2600hp2 Firmware Wg2600hp Firmware Nov 21, 2024 Jan 28, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators vi...Show more Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.Show less
CVE-2017-12575 1Aterm 1Wg2600hp2 Firmware Nov 21, 2024 Aug 24, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker could exploit this vuln...Show more An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker could exploit this vulnerability by sending a crafted HTTP request to retrieve DHCP clients, firmware version, and network status (ex.: curl -X http://[IP]/aterm_httpif.cgi/negotiate -d "REQ_ID=SUPPORT_IF_GET").Show less