ID

VAR-202002-1041


CVE

CVE-2020-5534


TITLE

Multiple vulnerabilities in Aterm WG2600HS

Trust: 0.8

sources: JVNDB: JVNDB-2020-000015

DESCRIPTION

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.

Aterm WG2600HS, provided by NEC Corporation, contains multiple vulnerabilities:
・ Cross-site scripting (CWE-79) - CVE-2020-5533
・ OS command injection (CWE-78) - CVE-2020-5534

This vulnerability information was reported to IPA under the Information Security Early Warning Partnership, and JPCERT/CC coordinated with the developer. Reporter: Mr. Nagaoka Satoru of Cyber Defense Institute, Inc.

The expected impact depends on each vulnerability:
・ An arbitrary script may be executed on the web browser of a user who is logged in to the product - CVE-2020-5533
・ Arbitrary OS commands may be executed with root privileges by a user who can log in to the product's HTTP service - CVE-2020-5534

NEC Aterm WG2600HS is a wireless router from NEC Corporation. An operating system command injection vulnerability exists in NEC Aterm WG2600HS version 1.3.2. The vulnerability stems from the product building an executable operating system command from externally supplied input without properly filtering special characters and commands. An attacker could use this vulnerability to execute illegal operating system commands.

Trust: 2.16

sources: NVD: CVE-2020-5534 // JVNDB: JVNDB-2020-000015 // CNVD: CNVD-2020-13041

IOT TAXONOMY

category: ['Network device']
sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-13041

AFFECTED PRODUCTS

vendor: nec
model: aterm wg2600hs
scope: lte
version: 1.3.2

Trust: 1.0

vendor: nec
model: aterm wg2600hs
scope: eq
version: firmware ver1.3.2

Trust: 0.8

vendor: nec
model: aterm wg2600hs
scope: eq
version: 1.3.2

Trust: 0.6

vendor: nec
model: aterm wg2600hs
scope: eq
version: -

Trust: 0.6

sources: CNVD: CNVD-2020-13041 // JVNDB: JVNDB-2020-000015 // CNNVD: CNNVD-202002-996 // NVD: CVE-2020-5534

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-5534
value: HIGH

Trust: 1.0

IPA: JVNDB-2020-000015
value: HIGH

Trust: 0.8

IPA: JVNDB-2020-000015
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-13041
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202002-996
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-5534
severity: HIGH
baseScore: 7.7
vectorString: AV:A/AC:L/AU:S/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 5.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2020-000015
severity: HIGH
baseScore: 7.7
vectorString: AV:A/AC:L/AU:S/C:C/I:C/A:C
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2020-000015
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-13041
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-5534
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA: JVNDB-2020-000015
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA: JVNDB-2020-000015
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-13041 // JVNDB: JVNDB-2020-000015 // JVNDB: JVNDB-2020-000015 // CNNVD: CNNVD-202002-996 // NVD: CVE-2020-5534

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.8

problemtype:CWE-79

Trust: 0.8

sources: JVNDB: JVNDB-2020-000015 // NVD: CVE-2020-5534

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202002-996

TYPE

operating system command injection

Trust: 0.6

sources: CNNVD: CNNVD-202002-996

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-000015

PATCH

title: Multiple vulnerabilities in Aterm WG2600HS
url: https://jpn.nec.com/security-info/secinfo/nv20-003.html

Trust: 0.8

title: Patch for NEC Aterm WG2600HS OS command execution vulnerability
url: https://www.cnvd.org.cn/patchInfo/show/203957

Trust: 0.6

title: NEC Aterm WG2600HS Fixes for operating system command injection vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110550

Trust: 0.6

sources: CNVD: CNVD-2020-13041 // JVNDB: JVNDB-2020-000015 // CNNVD: CNNVD-202002-996

EXTERNAL IDS

db: NVD
id: CVE-2020-5534

Trust: 3.0

db: JVN
id: JVN49410695

Trust: 2.4

db: JVNDB
id: JVNDB-2020-000015

Trust: 1.4

db: CNVD
id: CNVD-2020-13041

Trust: 0.6

db: CNNVD
id: CNNVD-202002-996

Trust: 0.6

sources: CNVD: CNVD-2020-13041 // JVNDB: JVNDB-2020-000015 // CNNVD: CNNVD-202002-996 // NVD: CVE-2020-5534

REFERENCES

url:https://jpn.nec.com/security-info/secinfo/nv20-003.html

Trust: 1.6

url:https://jvn.jp/en/jp/jvn49410695/index.html

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-5534

Trust: 1.2

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5533

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5534

Trust: 0.8

url:https://jvn.jp/jp/jvn49410695/index.html

Trust: 0.8

url:https://jvndb.jvn.jp/en/contents/2020/jvndb-2020-000015.html

Trust: 0.6

sources: CNVD: CNVD-2020-13041 // JVNDB: JVNDB-2020-000015 // CNNVD: CNNVD-202002-996 // NVD: CVE-2020-5534

SOURCES

db: CNVD, id: CNVD-2020-13041
db: JVNDB, id: JVNDB-2020-000015
db: CNNVD, id: CNNVD-202002-996
db: NVD, id: CVE-2020-5534

LAST UPDATE DATE

2024-08-14T14:19:05.512000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2020-13041, date: 2020-02-24T00:00:00
db: JVNDB, id: JVNDB-2020-000015, date: 2020-02-19T00:00:00
db: CNNVD, id: CNNVD-202002-996, date: 2020-03-03T00:00:00
db: NVD, id: CVE-2020-5534, date: 2020-02-21T17:21:52.043

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2020-13041, date: 2020-02-24T00:00:00
db: JVNDB, id: JVNDB-2020-000015, date: 2020-02-19T00:00:00
db: CNNVD, id: CNNVD-202002-996, date: 2020-02-19T00:00:00
db: NVD, id: CVE-2020-5534, date: 2020-02-21T10:15:11.937