Published: 2024/07/16  Last Updated: 2024/07/16

JVNVU#96424864
Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series

Overview

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain multiple vulnerabilities.

Products Affected

  • FutureNet NXR-1300 series firmware version 7.4.9 and earlier
  • FutureNet NXR-650 firmware version 21.16.1 and earlier
  • FutureNet NXR-610X series firmware version 21.14.11 and earlier
  • FutureNet NXR-530 firmware version 21.11.13 and earlier
  • FutureNet NXR-350/C firmware version 5.30.9 and earlier
  • FutureNet NXR-230/C firmware version 5.30.12 and earlier
  • FutureNet NXR-160/LW firmware version 21.8.3 and earlier
  • FutureNet NXR-G200 series firmware version 9.12.15 and earlier
  • FutureNet NXR-G180/L-CA firmware version 21.7.28B and earlier
  • FutureNet NXR-G120 series firmware version 21.15.2 and earlier
  • FutureNet NXR-G110 series firmware version 21.7.30C and earlier
  • FutureNet NXR-G100 series firmware version 6.23.10 and earlier
  • FutureNet NXR-G060 series firmware version 21.15.5 and earlier
  • FutureNet NXR-G050 series firmware version 21.12.9 and earlier
  • FutureNet VXR/x64 firmware version 21.7.31 and earlier
  • FutureNet VXR/x86 firmware version 10.1.4 and earlier
  • FutureNet NXR-1200 firmware version 5.25.21 and earlier
  • FutureNet NXR-130/C firmware version 5.13.21 and earlier
  • FutureNet NXR-155/C series firmware version 5.22.5M and earlier
  • FutureNet NXR-125/CX firmware version 5.25.7H and earlier
  • FutureNet NXR-120/C firmware version 5.25.7H and earlier
  • FutureNet WXR-250 firmware version 1.4.7 and earlier
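
One way to check an asset inventory against the list above (an added example, not code from JVN or Century Systems). The model keys, inventory rows and result labels are assumptions; the advisory does not say how letter suffixes such as 28B order, so a version whose numeric part equals the limit but whose suffix differs is flagged for manual review rather than guessed.

```python
import re

# Highest affected firmware version per product, copied from the list above
# ("FutureNet" and "series" dropped from the names).
AFFECTED_MAX = {
    "NXR-1300": "7.4.9", "NXR-650": "21.16.1", "NXR-610X": "21.14.11",
    "NXR-530": "21.11.13", "NXR-350/C": "5.30.9", "NXR-230/C": "5.30.12",
    "NXR-160/LW": "21.8.3", "NXR-G200": "9.12.15", "NXR-G180/L-CA": "21.7.28B",
    "NXR-G120": "21.15.2", "NXR-G110": "21.7.30C", "NXR-G100": "6.23.10",
    "NXR-G060": "21.15.5", "NXR-G050": "21.12.9", "VXR/x64": "21.7.31",
    "VXR/x86": "10.1.4", "NXR-1200": "5.25.21", "NXR-130/C": "5.13.21",
    "NXR-155/C": "5.22.5M", "NXR-125/CX": "5.25.7H", "NXR-120/C": "5.25.7H",
    "WXR-250": "1.4.7",
}

_VERSION = re.compile(r"(\d+(?:\.\d+)*)([A-Za-z]*)")

def split_version(text):
    """'21.7.28B' -> ((21, 7, 28), 'B'); raises ValueError on other shapes."""
    m = _VERSION.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(p) for p in m.group(1).split(".")), m.group(2).upper()

def classify(model, version):
    """Return 'affected', 'above-range', 'review' or 'unknown-model'."""
    limit = AFFECTED_MAX.get(model)
    if limit is None:
        return "unknown-model"
    nums, suffix = split_version(version)
    limit_nums, limit_suffix = split_version(limit)
    if nums != limit_nums:
        return "affected" if nums < limit_nums else "above-range"
    # Same numeric part: suffix ordering is not defined by the advisory, so
    # only an exact match is called affected; anything else needs a human.
    return "affected" if suffix == limit_suffix else "review"

# Constructed inventory rows (model, running firmware), not real devices.
INVENTORY = [("NXR-G100", "6.23.9"), ("NXR-650", "21.16.2"),
             ("NXR-G110", "21.7.30"), ("WXR-250", "1.4.7"), ("NXR-999", "1.0")]

def report(rows=INVENTORY):
    return [(model, ver, classify(model, ver)) for model, ver in rows]

if __name__ == "__main__":
    for row in report():
        print(*row, sep="\t")
```

A device reported as above-range is only outside the version ranges listed here; whether telnet is still enabled on it (CVE-2024-31070) has to be checked on the device configuration.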

Description

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below.

  • Initialization of a Resource with an Insecure Default (CWE-1188)
    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8
    • CVE-2024-31070
  • Active Debug Code (CWE-489)
    • CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 7.2
    • CVE-2024-36475
  • OS Command Injection (CWE-78)
    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8
    • CVE-2024-36491
  • Buffer Overflow (CWE-120)
    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8
    • CVE-2020-10188
      The product uses a previous version of netkit-telnet, which contains a known vulnerability.

Impact

  • An unauthenticated attacker may access the telnet service without restriction (CVE-2024-31070)
  • If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed (CVE-2024-36475)
  • A remote attacker may execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service (DoS) condition (CVE-2024-36491, CVE-2020-10188)

Solution

CVE-2024-31070
If the product is used with default settings, the developer recommends disabling telnet and enabling SSH by using the CLI command.
According to the developer, telnet is disabled and SSH is enabled by default in the firmware versions released after June 28, 2024.

CVE-2024-36475, CVE-2024-36491, CVE-2020-10188
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.

Stop using the products
According to the developer, some affected products are no longer supported. (See End of life products.)
The developer recommends that users stop using them and switch to alternatives.

For more information, refer to the information provided by the developer.

Vendor Status

Vendor | Status | Last Update | Vendor Notes
Century Systems Co., Ltd. | Vulnerable | 2024/07/16 | Century Systems Co., Ltd. website

Credit

CVE-2024-31070, CVE-2024-36475
Katsuhiko Sato (a.k.a. goroh_kun) of 00One, Inc. reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.

CVE-2024-36491, CVE-2020-10188
Century Systems Co., Ltd. reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN.

Other Information

CVE: CVE-2024-31070, CVE-2024-36475, CVE-2024-36491