CVE-2024-28013 Information

Description

Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4 WG1200HS3 WG1900HP2 WG1200HP3 WG1800HP3 WG1200HS2 WG1900HP WG1200HP2 W1200EX(-MS) WG1200HS WG1200HP WF300HP2 W300P WF800HP WR8165N WG2200HP WF1200HP2 WG1800HP2 WF1200HP WG600HP WG300HP WF300HP WG1800HP WG1400HP WR8175N WR9300N WR8750N WR8160N WR9500N WR8600N WR8370N WR8170N WR8700N WR8300N WR8150N WR4100N WR4500N WR8100N WR8500N CR2500P WR8400N WR8200N WR1200H WR7870S WR6670S WR7850S WR6650S WR6600H WR7800H WM3400RN WM3450RN WM3500R WM3600R WM3800R WR8166N MR01LN and MR02LN all versions allows a attacker to change settings via the internet.

Reference

https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html