cvelistv5 - cve-2020-5534

CVE-2020-5534 (GCVE-0-2020-5534)

Vulnerability from cvelistv5

Published

2020-02-21 09:15

Modified

2024-08-04 08:30

Severity ?

CWE

OS Command Injection

Summary

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.

References

URL

	Vendor	Product	Version
	NEC Corporation	Aterm WG2600HS	Version: firmware Ver1.3.2 and earlier

ghsa-47fx-mr2m-65rq

Vulnerability from github

Published

2022-05-24 17:09

Modified

2022-05-24 17:09

Details

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-5534"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-02-21T10:15:00Z",
    "severity": "HIGH"
  },
  "details": "Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.",
  "id": "GHSA-47fx-mr2m-65rq",
  "modified": "2022-05-24T17:09:28Z",
  "published": "2022-05-24T17:09:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5534"
    },
    {
      "type": "WEB",
      "url": "https://jpn.nec.com/security-info/secinfo/nv20-003.html"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN49410695/index.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2020-5534

Vulnerability from jvndb

Published

2020-02-19 14:34

Modified

2020-02-19 14:34

Severity ?

8.0 (High) - cvssV3_0 - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in Aterm WG2600HS

Details

Aterm WG2600HS provided by NEC Corporation contains multiple vulnerabilities listed below. * Cross-site scripting (CWE-79) - CVE-2020-5533 * OS command injection (CWE-78) - CVE-2020-5534 Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN49410695/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5533
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5534
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-5533
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-5534
	OS Command Injection(CWE-78)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

NEC Corporation

Aterm WG2600HS firmware

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000015.html",
  "dc:date": "2020-02-19T14:34+09:00",
  "dcterms:issued": "2020-02-19T14:34+09:00",
  "dcterms:modified": "2020-02-19T14:34+09:00",
  "description": "Aterm WG2600HS provided by NEC Corporation contains multiple vulnerabilities listed below. \r\n* Cross-site scripting (CWE-79) - CVE-2020-5533 \r\n* OS command injection (CWE-78) - CVE-2020-5534\r\n\r\nSatoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000015.html",
  "sec:cpe": {
    "#text": "cpe:/o:nec:aterm_wg2600hs_firmware",
    "@product": "Aterm WG2600HS firmware",
    "@vendor": "NEC Corporation",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "7.7",
      "@severity": "High",
      "@type": "Base",
      "@vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
      "@version": "2.0"
    },
    {
      "@score": "8.0",
      "@severity": "High",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2020-000015",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN49410695/index.html",
      "@id": "JVN#49410695",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5533",
      "@id": "CVE-2020-5533",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5534",
      "@id": "CVE-2020-5534",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5533",
      "@id": "CVE-2020-5533",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5534",
      "@id": "CVE-2020-5534",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-78",
      "@title": "OS Command Injection(CWE-78)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Multiple vulnerabilities in Aterm WG2600HS"
}

cnvd-2020-13041

Vulnerability from cnvd

Title

NEC Aterm WG2600HS OS命令执行漏洞

Description

NEC Aterm WG2600HS是日本电气（NEC）公司的一款无线路由器。 NEC Aterm WG2600HS 1.3.2版本中存在操作系统命令注入漏洞，该漏洞源于外部输入数据构造操作系统可执行命令过程中，网络系统或产品未正确过滤其中的特殊字符、命令等。攻击者可利用该漏洞执行非法操作系统命令。

Severity

高

Patch Name

NEC Aterm WG2600HS OS命令执行漏洞的补丁

Patch Description

NEC Aterm WG2600HS是一款NEC的无线路由器。 NEC Aterm WG2600HS存在输入验证漏洞，远程攻击者可以利用漏洞提交特殊的请求，可以ROOT上下文执行任意OS命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000015.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-5534

Impacted products

Name
NEC Aterm WG2600HS 1.3.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-5534",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-5534"
    }
  },
  "description": "NEC Aterm WG2600HS\u662f\u65e5\u672c\u7535\u6c14\uff08NEC\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u65e0\u7ebf\u8def\u7531\u5668\u3002\n\nNEC Aterm WG2600HS 1.3.2\u7248\u672c\u4e2d\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5916\u90e8\u8f93\u5165\u6570\u636e\u6784\u9020\u64cd\u4f5c\u7cfb\u7edf\u53ef\u6267\u884c\u547d\u4ee4\u8fc7\u7a0b\u4e2d\uff0c\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u6b63\u786e\u8fc7\u6ee4\u5176\u4e2d\u7684\u7279\u6b8a\u5b57\u7b26\u3001\u547d\u4ee4\u7b49\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u975e\u6cd5\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000015.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-13041",
  "openTime": "2020-02-24",
  "patchDescription": "NEC Aterm WG2600HS\u662f\u4e00\u6b3eNEC\u7684\u65e0\u7ebf\u8def\u7531\u5668\u3002\r\n\r\nNEC Aterm WG2600HS\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u53ef\u4ee5ROOT\u4e0a\u4e0b\u6587\u6267\u884c\u4efb\u610fOS\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "NEC Aterm WG2600HS OS\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "NEC Aterm WG2600HS 1.3.2"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-5534",
  "serverity": "\u9ad8",
  "submitTime": "2020-02-24",
  "title": "NEC Aterm WG2600HS OS\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e"
}

var-202002-1041

Vulnerability from variot

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. Provided by NEC Corporation Aterm WG2600HS Is vulnerable to several vulnerabilities: ・ Cross-site scripting (CWE-79) - CVE-2020-5533 ・ OS Command injection (CWE-78) - CVE-2020-5534 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Cyber Defense Institute, Inc. Nagaoka Satoru MrThe expected impact depends on each vulnerability, but it may be affected as follows. -Any script is executed on the web browser of the user who is logged in to the product. - CVE-2020-5533 ・ Of the product HTTP Depending on the user who can log in to the service root Arbitrary with authority OS Command is executed - CVE-2020-5534. NEC Aterm WG2600HS is a wireless router from NEC Corporation.

The operating system command injection vulnerability exists in NEC Aterm WG2600HS version 1.3.2. The vulnerability stems from the process of externally inputting data to construct the executable command of the operating system, and the network system or product did not properly filter the special characters and commands. An attacker could use this vulnerability to execute illegal operating system commands

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202002-1041",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "aterm wg2600hs",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "nec",
        "version": "1.3.2"
      },
      {
        "model": "aterm wg2600hs",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 ver1.3.2"
      },
      {
        "model": "aterm wg2600hs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "nec",
        "version": "1.3.2"
      },
      {
        "model": "aterm wg2600hs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "nec",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5534"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:nec:aterm_wg2600hs",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      }
    ]
  },
  "cve": "CVE-2020-5534",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 5.1,
            "id": "CVE-2020-5534",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Adjacent Network",
            "authentication": "Single",
            "author": "IPA",
            "availabilityImpact": "Complete",
            "baseScore": 7.7,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-000015",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 2.6,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-000015",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2020-13041",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.1,
            "id": "CVE-2020-5534",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "IPA",
            "availabilityImpact": "High",
            "baseScore": 8.0,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-000015",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 6.1,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-000015",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Changed",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-5534",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2020-000015",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2020-000015",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-13041",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202002-996",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5534"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. Provided by NEC Corporation Aterm WG2600HS Is vulnerable to several vulnerabilities: \u30fb Cross-site scripting (CWE-79) - CVE-2020-5533 \u30fb OS Command injection (CWE-78) - CVE-2020-5534 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Cyber Defense Institute, Inc. Nagaoka Satoru MrThe expected impact depends on each vulnerability, but it may be affected as follows. -Any script is executed on the web browser of the user who is logged in to the product. - CVE-2020-5533 \u30fb Of the product HTTP Depending on the user who can log in to the service root Arbitrary with authority OS Command is executed - CVE-2020-5534. NEC Aterm WG2600HS is a wireless router from NEC Corporation. \n\r\n\r\nThe operating system command injection vulnerability exists in NEC Aterm WG2600HS version 1.3.2. The vulnerability stems from the process of externally inputting data to construct the executable command of the operating system, and the network system or product did not properly filter the special characters and commands. An attacker could use this vulnerability to execute illegal operating system commands",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-5534"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-5534",
        "trust": 3.0
      },
      {
        "db": "JVN",
        "id": "JVN49410695",
        "trust": 2.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015",
        "trust": 1.4
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-996",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5534"
      }
    ]
  },
  "id": "VAR-202002-1041",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      }
    ],
    "trust": 1.0236111
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:59:29.079000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Aterm WG2600HS\u306b\u304a\u3051\u308b\u8907\u6570\u306e\u8106\u5f31\u6027",
        "trust": 0.8,
        "url": "https://jpn.nec.com/security-info/secinfo/nv20-003.html"
      },
      {
        "title": "Patch for NEC Aterm WG2600HS OS command execution vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/203957"
      },
      {
        "title": "NEC Aterm WG2600HS Fixes for operating system command injection vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110550"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.8
      },
      {
        "problemtype": "CWE-79",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5534"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://jpn.nec.com/security-info/secinfo/nv20-003.html"
      },
      {
        "trust": 1.6,
        "url": "https://jvn.jp/en/jp/jvn49410695/index.html"
      },
      {
        "trust": 1.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-5534"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5533"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5534"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/jp/jvn49410695/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://jvndb.jvn.jp/en/contents/2020/jvndb-2020-000015.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5534"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5534"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-02-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      },
      {
        "date": "2020-02-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "date": "2020-02-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      },
      {
        "date": "2020-02-21T10:15:11.937000",
        "db": "NVD",
        "id": "CVE-2020-5534"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-02-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-13041"
      },
      {
        "date": "2020-02-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      },
      {
        "date": "2020-03-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      },
      {
        "date": "2024-11-21T05:34:13.870000",
        "db": "NVD",
        "id": "CVE-2020-5534"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Aterm WG2600HS Multiple vulnerabilities in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-000015"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "operating system commend injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-996"
      }
    ],
    "trust": 0.6
  }
}

gsd-2020-5534

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.

Aliases

CVE-2020-5534

Aliases

CVE-2020-5534

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-5534",
    "description": "Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.",
    "id": "GSD-2020-5534"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-5534"
      ],
      "details": "Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.",
      "id": "GSD-2020-5534",
      "modified": "2023-12-13T01:22:03.399476Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2020-5534",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Aterm WG2600HS",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "firmware Ver1.3.2 and earlier"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "NEC Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "OS Command Injection"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://jvn.jp/en/jp/JVN49410695/index.html",
            "refsource": "MISC",
            "url": "https://jvn.jp/en/jp/JVN49410695/index.html"
          },
          {
            "name": "https://jpn.nec.com/security-info/secinfo/nv20-003.html",
            "refsource": "MISC",
            "url": "https://jpn.nec.com/security-info/secinfo/nv20-003.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.3.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2020-5534"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jvn.jp/en/jp/JVN49410695/index.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://jvn.jp/en/jp/JVN49410695/index.html"
            },
            {
              "name": "https://jpn.nec.com/security-info/secinfo/nv20-003.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://jpn.nec.com/security-info/secinfo/nv20-003.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.7,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 5.1,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.1,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-02-21T17:21Z",
      "publishedDate": "2020-02-21T10:15Z"
    }
  }
}

fkie_cve-2020-5534

Vulnerability from fkie_nvd

Published

2020-02-21 10:15

Modified

2024-11-21 05:34

Severity ?

8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.

References

URL	Tags
vultures@jpcert.or.jp	https://jpn.nec.com/security-info/secinfo/nv20-003.html	Third Party Advisory
vultures@jpcert.or.jp	https://jvn.jp/en/jp/JVN49410695/index.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://jpn.nec.com/security-info/secinfo/nv20-003.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://jvn.jp/en/jp/JVN49410695/index.html	Third Party Advisory

Impacted products

	Vendor	Product	Version
	nec	aterm_wg2600hs_firmware	*
	nec	aterm_wg2600hs	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED4D36D-BABE-459A-8B33-DFD0AF0DB73F",
              "versionEndIncluding": "1.3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "623C9C7B-C947-49A8-9C1D-20B23FDA73ED",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Aterm WG2600HS versiones de firmware Ver1.3.2 y anteriores, permite a un atacante autentificado en el mismo segmento de red ejecutar comandos arbitrarios de Sistema Operativo con privilegios root por medio de vectores no especificados."
    }
  ],
  "id": "CVE-2020-5534",
  "lastModified": "2024-11-21T05:34:13.870",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.7,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 5.1,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-21T10:15:11.937",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jpn.nec.com/security-info/secinfo/nv20-003.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jvn.jp/en/jp/JVN49410695/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jpn.nec.com/security-info/secinfo/nv20-003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jvn.jp/en/jp/JVN49410695/index.html"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2020-5534 (GCVE-0-2020-5534)

Vulnerability from cvelistv5

ghsa-47fx-mr2m-65rq

Vulnerability from github

cve-2020-5534

Vulnerability from jvndb

cnvd-2020-13041

Vulnerability from cnvd

var-202002-1041

Vulnerability from variot

gsd-2020-5534

Vulnerability from gsd

fkie_cve-2020-5534

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature