7.5
CVE-2025-0355
- EPSS 0.13%
- Veröffentlicht 15.01.2025 08:15:26
- Zuletzt bearbeitet 21.01.2025 04:15:07
- Quelle psirt-info@cyber.jp.nec.com
- Teams Watchlist Login
- Unerledigt Login
Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to get a Wi-Fi password via the network.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerNEC Corporation
≫
Produkt
WG2600HS
Default Statusunknown
Version
Ver.1.7.2 and earlier
Status
affected
HerstellerNEC Corporation
≫
Produkt
WF1200CR
Default Statusunknown
Version
Ver.1.6.0 and earlier
Status
affected
HerstellerNEC Corporation
≫
Produkt
WG1200CR
Default Statusunknown
Version
Ver.1.5.0 and earlier
Status
affected
HerstellerNEC Corporation
≫
Produkt
GB1200PE
Default Statusunknown
Version
Ver.1.3.0 and earlier
Status
affected
HerstellerNEC Corporation
≫
Produkt
WG2600HP4
Default Statusunknown
Version
Ver.1.4.2 and earlier
Status
affected
HerstellerNEC Corporation
≫
Produkt
WG2600HM4
Default Statusunknown
Version
Ver.1.4.2 and earlier
Status
affected
HerstellerNEC Corporation
≫
Produkt
WG2600HS2
Default Statusunknown
Version
Ver.1.3.2 and earlier
Status
affected
HerstellerNEC Corporation
≫
Produkt
WX3000HP
Default Statusunknown
Version
Ver.2.4.2 and earlier
Status
affected
HerstellerNEC Corporation
≫
Produkt
WX4200D5
Default Statusunknown
Version
Ver.1.2.4 and earlier
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.339 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt-info@cyber.jp.nec.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.