Published: 2023/06/27  Last Updated: 2023/07/07

JVN#38343415
Multiple vulnerabilities in Aterm series

Overview

The Aterm series products provided by NEC Corporation contain multiple vulnerabilities.

Products Affected

All versions of the following Aterm series products are affected by these vulnerabilities.

  • WG2600HP2
  • WG2600HP
  • WG2200HP
  • WG1800HP2
  • WG1800HP
  • WG1400HP
  • WG600HP
  • WG300HP
  • WF300HP
  • WR9500N
  • WR9300N
  • WR8750N
  • WR8700N
  • WR8600N
  • WR8370N
  • WR8175N
  • WR8170N

Description

The Aterm series products provided by NEC Corporation contain the multiple vulnerabilities listed below.

  • Directory traversal (CWE-22) - CVE-2023-3330
    CVSS v3 CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N Base Score: 2.6
    CVSS v2 AV:A/AC:M/Au:S/C:P/I:N/A:N Base Score: 2.3
  • Directory traversal (CWE-22) - CVE-2023-3331
    CVSS v3 CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score: 2.6
    CVSS v2 AV:A/AC:M/Au:S/C:N/I:P/A:N Base Score: 2.3
  • Stored cross-site scripting (CWE-79) - CVE-2023-3332
    CVSS v3 CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N Base Score: 4.3
    CVSS v2 AV:A/AC:M/Au:S/C:N/I:P/A:N Base Score: 2.3
  • OS command injection (CWE-78) - CVE-2023-3333
    CVSS v3 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score: 6.8
    CVSS v2 AV:A/AC:L/Au:S/C:C/I:C/A:C Base Score: 7.7

Impact

  • An authenticated attacker may obtain specific files from the product - CVE-2023-3330
  • An authenticated attacker may delete specific files on the product - CVE-2023-3331
  • After obtaining high privileges by exploiting CVE-2023-3330 and CVE-2023-3331, an attacker may execute an arbitrary script - CVE-2023-3332
  • After obtaining high privileges by exploiting CVE-2023-3330 and CVE-2023-3331, an attacker may execute arbitrary OS commands with root privileges - CVE-2023-3333

Solution

Stop using the products
The affected products are no longer supported. Stop using the vulnerable products and consider switching to alternatives.

Apply a workaround
The developer states that there is no plan to provide firmware updates for the affected products and therefore recommends that users apply workarounds to mitigate the impact of the vulnerabilities before switching to alternatives.

For details, refer to the information provided by the developer.

Vendor Status

Vendor            Status       Last Update   Vendor Notes
NEC Corporation   Vulnerable   2023/06/27

Credit

Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under the Information Security Early Warning Partnership.

Other Information

CVE: CVE-2023-3330, CVE-2023-3331, CVE-2023-3332, CVE-2023-3333
JVN iPedia: JVNDB-2023-000066

Update History

2023/07/07
Updated [Title], [Overview], [Products Affected], [Description], and [Solution] sections as multiple products were found to be affected.