Vulnerability Details CVE-2020-5524
Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.1%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 8.3
References
Products affected by CVE-2020-5524
-
cpe:2.3:h:nec:aterm_wf1200c:-
-
cpe:2.3:h:nec:aterm_wg1200cr:-
-
cpe:2.3:h:nec:aterm_wg2600hs:-
-
cpe:2.3:o:nec:aterm_wf1200c_firmware:1.2.1
-
cpe:2.3:o:nec:aterm_wg1200cr_firmware:-
-
cpe:2.3:o:nec:aterm_wg1200cr_firmware:1.0.0
-
cpe:2.3:o:nec:aterm_wg1200cr_firmware:1.0.1
-
cpe:2.3:o:nec:aterm_wg1200cr_firmware:1.2.1
-
cpe:2.3:o:nec:aterm_wg2600hs_firmware:-
-
cpe:2.3:o:nec:aterm_wg2600hs_firmware:1.3.2