Sign-up

ID

VAR-202002-1034


CVE

CVE-2020-5525


TITLE

Aterm WF1200CR , WG1200CR and WG2600HS Multiple in OS Command injection vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-000016

DESCRIPTION

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen. Provided by NEC Corporation Aterm WF1200CR , WG1200CR and WG2600HS To the following multiple OS A command injection vulnerability exists. ・ UPnP In function OS Command injection (CWE-78) - CVE-2020-5524 ・ On the management screen OS Command injection (CWE-78) - CVE-2020-5525 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Nippon Telegraph and Telephone Corporation Fujita Rintaro Mr. Kamiyama Takayuki MrThe expected impact depends on each vulnerability, but it may be affected as follows. ・ Of the product UPnP Depending on the user who has access to the feature's interface root Arbitrary with authority OS Command is executed - CVE-2020-5524 -By a user who can access the management screen of the product root Arbitrary with authority OS Command is executed - CVE-2020-5525. NEC Aterm WF1200C and others are wireless routers from NEC Corporation. There is an operating system command injection vulnerability in NEC Aterm WF1200C 1.2.1 and earlier versions, Aterm WG1200CR 1.2.1 and earlier versions and Aterm WG2600HS 1.3.2 and earlier versions, which originated from the process of externally inputting data to construct the operating system executable commands , The network system or product does not properly filter the special characters, commands, etc. An attacker could use this vulnerability to execute illegal operating system commands

Trust: 2.16

sources: NVD: CVE-2020-5525 // JVNDB: JVNDB-2020-000016 // CNVD: CNVD-2020-13182

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-13182

AFFECTED PRODUCTS

vendor:necmodel:aterm wg1200crscope:lteversion:1.2.1

Trust: 1.0

vendor:necmodel:aterm wf1200cscope:lteversion:1.2.1

Trust: 1.0

vendor:necmodel:aterm wg2600hsscope:lteversion:1.3.2

Trust: 1.0

vendor:necmodel:aterm wf1200crscope:eqversion:ver1.2.1

Trust: 0.8

vendor:necmodel:aterm wg1200crscope:eqversion:ver1.2.1

Trust: 0.8

vendor:necmodel:aterm wg2600hsscope:eqversion:ファームウェア ver1.3.2

Trust: 0.8

vendor:necmodel:aterm wg1200crscope:lteversion:<=1.2.1

Trust: 0.6

vendor:necmodel:aterm wg2600hsscope:lteversion:<=1.3.2

Trust: 0.6

vendor:necmodel:aterm wf1200cscope:lteversion:<=1.2.1

Trust: 0.6

vendor:necmodel:aterm wg2600hsscope:eqversion: -

Trust: 0.6

vendor:necmodel:aterm wg1200crscope:eqversion: -

Trust: 0.6

vendor:necmodel:aterm wf1200cscope:eqversion: -

Trust: 0.6

sources: CNVD: CNVD-2020-13182 // JVNDB: JVNDB-2020-000016 // CNNVD: CNNVD-202002-1003 // NVD: CVE-2020-5525

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-5525
value: HIGH

Trust: 1.0

IPA: JVNDB-2020-000016
value: HIGH

Trust: 0.8

IPA: JVNDB-2020-000016
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-13182
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202002-1003
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-5525
severity: HIGH
baseScore: 7.7
vectorString: AV:A/AC:L/AU:S/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 5.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2020-000016
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2020-000016
severity: HIGH
baseScore: 7.7
vectorString: AV:A/AC:L/AU:S/C:C/I:C/A:C
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-13182
severity: MEDIUM
baseScore: 5.2
vectorString: AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.1
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-5525
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA: JVNDB-2020-000016
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2020-000016
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-13182 // JVNDB: JVNDB-2020-000016 // JVNDB: JVNDB-2020-000016 // CNNVD: CNNVD-202002-1003 // NVD: CVE-2020-5525

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.8

sources: JVNDB: JVNDB-2020-000016 // NVD: CVE-2020-5525

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202002-1003

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202002-1003

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-000016

PATCH
title:Atermシリーズにおける複数のOSコマンドインジェクションurl:https://jpn.nec.com/security-info/secinfo/nv20-005.html
Trust: 0.8
title:Patch for NEC Aterm WF1200C, Aterm WG1200CR and Aterm WG2600HS operating system command injection vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/204541
Trust: 0.6
title:NEC Aterm WF1200C , Aterm WG1200CR  and Aterm WG2600HS Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110554
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-13182 // 
            
            
            
            JVNDB: JVNDB-2020-000016 // 
            
            
            
            CNNVD: CNNVD-202002-1003

EXTERNAL IDS
db:NVDid:CVE-2020-5525
Trust: 3.0
db:JVNDBid:JVNDB-2020-000016
Trust: 2.0
db:JVNid:JVN49410695
Trust: 1.6
db:JVNid:JVN25766797
Trust: 0.8
db:CNVDid:CNVD-2020-13182
Trust: 0.6
db:CNNVDid:CNNVD-202002-1003
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-13182 // 
            
            
            
            JVNDB: JVNDB-2020-000016 // 
            
            
            
            CNNVD: CNNVD-202002-1003 // 
            
            
            
            NVD: CVE-2020-5525

REFERENCES
url:https://jpn.nec.com/security-info/secinfo/nv20-003.html
Trust: 1.6
url:https://jvn.jp/en/jp/jvn49410695/index.html
Trust: 1.6
url:https://jvndb.jvn.jp/en/contents/2020/jvndb-2020-000016.html
Trust: 1.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5524
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5525
Trust: 0.8
url:https://jvn.jp/jp/jvn25766797/index.html
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-5525
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-13182 // 
            
            
            
            JVNDB: JVNDB-2020-000016 // 
            
            
            
            CNNVD: CNNVD-202002-1003 // 
            
            
            
            NVD: CVE-2020-5525

SOURCES
db:CNVDid:CNVD-2020-13182
db:JVNDBid:JVNDB-2020-000016
db:CNNVDid:CNNVD-202002-1003
db:NVDid:CVE-2020-5525

LAST UPDATE DATE
2024-11-23T21:59:29.023000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-13182date:2020-02-25T00:00:00
db:JVNDBid:JVNDB-2020-000016date:2020-02-19T00:00:00
db:CNNVDid:CNNVD-202002-1003date:2020-03-03T00:00:00
db:NVDid:CVE-2020-5525date:2024-11-21T05:34:12.790

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-13182date:2020-02-25T00:00:00
db:JVNDBid:JVNDB-2020-000016date:2020-02-19T00:00:00
db:CNNVDid:CNNVD-202002-1003date:2020-02-19T00:00:00
db:NVDid:CVE-2020-5525date:2020-02-21T10:15:11.780