Sign-up

ID

VAR-202002-1033


CVE

CVE-2020-5524


TITLE

Aterm WF1200CR , WG1200CR and WG2600HS Multiple in OS Command injection vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-000016

DESCRIPTION

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function. Provided by NEC Corporation Aterm WF1200CR , WG1200CR and WG2600HS To the following multiple OS A command injection vulnerability exists. ・ UPnP In function OS Command injection (CWE-78) - CVE-2020-5524 ・ On the management screen OS Command injection (CWE-78) - CVE-2020-5525 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Nippon Telegraph and Telephone Corporation Fujita Rintaro Mr. Kamiyama Takayuki MrThe expected impact depends on each vulnerability, but it may be affected as follows. ・ Of the product UPnP Depending on the user who has access to the feature's interface root Arbitrary with authority OS Command is executed - CVE-2020-5524 -By a user who can access the management screen of the product root Arbitrary with authority OS Command is executed - CVE-2020-5525. NEC Aterm WF1200C and others are wireless routers from NEC Corporation. There is an operating system command injection vulnerability in NEC Aterm WF1200C 1.2.1 and earlier versions, Aterm WG1200CR 1.2.1 and earlier versions and Aterm WG2600HS 1.3.2 and earlier versions, which originated from the process of externally inputting data to construct the operating system executable commands , The network system or product does not properly filter the special characters, commands, etc. An attacker could use this vulnerability to execute illegal operating system commands

Trust: 2.16

sources: NVD: CVE-2020-5524 // JVNDB: JVNDB-2020-000016 // CNVD: CNVD-2020-14326

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-14326

AFFECTED PRODUCTS

vendor:necmodel:aterm wg1200crscope:lteversion:1.2.1

Trust: 1.0

vendor:necmodel:aterm wf1200cscope:lteversion:1.2.1

Trust: 1.0

vendor:necmodel:aterm wg2600hsscope:lteversion:1.3.2

Trust: 1.0

vendor:necmodel:aterm wf1200crscope:eqversion:ver1.2.1

Trust: 0.8

vendor:necmodel:aterm wg1200crscope:eqversion:ver1.2.1

Trust: 0.8

vendor:necmodel:aterm wg2600hsscope:eqversion:ファームウェア ver1.3.2

Trust: 0.8

vendor:necmodel:wf1200cscope:lteversion:<=1.2.1

Trust: 0.6

vendor:necmodel:aterm wg1200crscope:lteversion:<=1.2.1

Trust: 0.6

vendor:necmodel:aterm wg2600hsscope:lteversion:<=1.3.2

Trust: 0.6

vendor:necmodel:aterm wg2600hsscope:eqversion: -

Trust: 0.6

vendor:necmodel:aterm wg1200crscope:eqversion: -

Trust: 0.6

vendor:necmodel:aterm wf1200cscope:eqversion: -

Trust: 0.6

sources: CNVD: CNVD-2020-14326 // JVNDB: JVNDB-2020-000016 // CNNVD: CNNVD-202002-1004 // NVD: CVE-2020-5524

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-5524
value: HIGH

Trust: 1.0

IPA: JVNDB-2020-000016
value: HIGH

Trust: 0.8

IPA: JVNDB-2020-000016
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-14326
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202002-1004
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-5524
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2020-000016
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2020-000016
severity: HIGH
baseScore: 7.7
vectorString: AV:A/AC:L/AU:S/C:C/I:C/A:C
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-14326
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-5524
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA: JVNDB-2020-000016
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2020-000016
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-14326 // JVNDB: JVNDB-2020-000016 // JVNDB: JVNDB-2020-000016 // CNNVD: CNNVD-202002-1004 // NVD: CVE-2020-5524

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.8

sources: JVNDB: JVNDB-2020-000016 // NVD: CVE-2020-5524

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202002-1004

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202002-1004

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-000016

PATCH
title:Atermシリーズにおける複数のOSコマンドインジェクションurl:https://jpn.nec.com/security-info/secinfo/nv20-005.html
Trust: 0.8
title:Patch for NEC Aterm WF1200C, Aterm WG1200CR and Aterm WG2600HS operating system command injection vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/205507
Trust: 0.6
title:NEC Aterm WF1200C , Aterm WG1200CR  and Aterm WG2600HS Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110555
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-14326 // 
            
            
            
            JVNDB: JVNDB-2020-000016 // 
            
            
            
            CNNVD: CNNVD-202002-1004

EXTERNAL IDS
db:NVDid:CVE-2020-5524
Trust: 3.0
db:JVNid:JVN25766797
Trust: 2.4
db:JVNid:JVN49410695
Trust: 1.6
db:JVNDBid:JVNDB-2020-000016
Trust: 1.4
db:CNVDid:CNVD-2020-14326
Trust: 0.6
db:CNNVDid:CNNVD-202002-1004
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-14326 // 
            
            
            
            JVNDB: JVNDB-2020-000016 // 
            
            
            
            CNNVD: CNNVD-202002-1004 // 
            
            
            
            NVD: CVE-2020-5524

REFERENCES
url:https://jvn.jp/en/jp/jvn25766797/
Trust: 1.6
url:https://jpn.nec.com/security-info/secinfo/nv20-003.html
Trust: 1.6
url:https://jvn.jp/en/jp/jvn49410695/index.html
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2020-5524
Trust: 1.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5524
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5525
Trust: 0.8
url:https://jvn.jp/jp/jvn25766797/index.html
Trust: 0.8
url:https://jvndb.jvn.jp/en/contents/2020/jvndb-2020-000016.html
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-14326 // 
            
            
            
            JVNDB: JVNDB-2020-000016 // 
            
            
            
            CNNVD: CNNVD-202002-1004 // 
            
            
            
            NVD: CVE-2020-5524

SOURCES
db:CNVDid:CNVD-2020-14326
db:JVNDBid:JVNDB-2020-000016
db:CNNVDid:CNNVD-202002-1004
db:NVDid:CVE-2020-5524

LAST UPDATE DATE
2024-11-23T21:59:29.051000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-14326date:2020-02-28T00:00:00
db:JVNDBid:JVNDB-2020-000016date:2020-02-19T00:00:00
db:CNNVDid:CNNVD-202002-1004date:2020-03-03T00:00:00
db:NVDid:CVE-2020-5524date:2024-11-21T05:34:12.677

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-14326date:2020-02-28T00:00:00
db:JVNDBid:JVNDB-2020-000016date:2020-02-19T00:00:00
db:CNNVDid:CNNVD-202002-1004date:2020-02-19T00:00:00
db:NVDid:CVE-2020-5524date:2020-02-21T10:15:11.670