Aterm

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-20710 1Aterm 1Wg2600hs Firmware Nov 21, 2024 Apr 26, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.5.1 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2021-20622 1Aterm 2Wg2600hp2 Firmware Wg2600hp Firmware Nov 21, 2024 Jan 28, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2021-20621 1Aterm 2Wg2600hp2 Firmware Wg2600hp Firmware Nov 21, 2024 Jan 28, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators vi...Show more Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.Show less
CVE-2021-20620 1Aterm 1Wg2600hp Firmware Nov 21, 2024 Jan 28, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2017-12575 1Aterm 1Wg2600hp2 Firmware Nov 21, 2024 Aug 24, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker could exploit this vuln...Show more An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker could exploit this vulnerability by sending a crafted HTTP request to retrieve DHCP clients, firmware version, and network status (ex.: curl -X http://[IP]/aterm_httpif.cgi/negotiate -d "REQ_ID=SUPPORT_IF_GET").Show less
CVE-2016-1168 1Aterm 1Wf800hp Firmware May 6, 2026 Apr 1, 2016 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users.
CVE-2016-1167 1Aterm 1Wg300hp Firmware May 6, 2026 Apr 1, 2016 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users.
CVE-2014-8361 3Aterm DlinkRealtek 26Dir 501 Firmware Dir 515 FirmwareDir 600l Firmware+23 more Apr 22, 2026 May 1, 2015 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
CVE-2008-1142 7Aterm EtermMrxvt+4 more 7Aterm EtermMrxvt+4 more Apr 23, 2026 Apr 7, 2008 N/A· v4 N/A· v3 3.7 LOW· v2 rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm,...Show more rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.Show less
CVE-2003-0067 1Aterm 1Aterm Apr 16, 2026 Mar 18, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file con...Show more The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.Show less
CVE-2003-0024 1Aterm 1Aterm Apr 16, 2026 Mar 3, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu.