JVN#49410695: Multiple vulnerabilities in Aterm WG2600HS

Overview

Aterm WG2600HS provided by NEC Corporation contains multiple vulnerabilities.

Products Affected

Aterm WG2600HS firmware Ver1.3.2 and earlier

Description

Aterm WG2600HS provided by NEC Corporation contains multiple vulnerabilities listed below.

Cross-site scripting (CWE-79) - CVE-2020-5533

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1

CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:N Base Score: 2.6
OS command injection (CWE-78) - CVE-2020-5534

CVSS v3 CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score: 8.0

CVSS v2 AV:A/AC:L/Au:S/C:C/I:C/A:C Base Score: 7.7

Impact

An arbitrary script may be executed on the logged in user's web browser - CVE-2020-5533
A user who can login to the HTTP service of the device may execute an arbitrary OS command with root privileges - CVE-2020-5534

Solution

Update the Firmware
Update the firmware to the latest version according to the information provided by the developer.

Vendor Status

Vendor	Status	Last Update	Vendor Notes
NEC Corporation	Vulnerable	2020/02/19

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE	CVE-2020-5533
	CVE-2020-5534
JVN iPedia	JVNDB-2020-000015

CVSS v3	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	Base Score: 6.1
CVSS v2	AV:N/AC:H/Au:N/C:N/I:P/A:N	Base Score: 2.6

CVSS v3	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	Base Score: 8.0
CVSS v2	AV:A/AC:L/Au:S/C:C/I:C/A:C	Base Score: 7.7

JVN#49410695 Multiple vulnerabilities in Aterm WG2600HS