← back
CVE-2026-4309

CVE-2026-4309

CVSS 6.3 MEDIUMEPSS 0.1%CWE-862
Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network.
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Affected products
NEC Platforms, Ltd. · Aterm GB1200PENEC Platforms, Ltd. · Aterm GX1200HPNEC Platforms, Ltd. · Aterm GX1200HS4NEC Platforms, Ltd. · Aterm W1200EX(-MS)NEC Platforms, Ltd. · Aterm WF1200CRNEC Platforms, Ltd. · Aterm WG1200CRNEC Platforms, Ltd. · Aterm WG1200DM4NEC Platforms, Ltd. · Aterm WG1200HP2NEC Platforms, Ltd. · Aterm WG1200HP3NEC Platforms, Ltd. · Aterm WG1200HP4NEC Platforms, Ltd. · Aterm WG1200HS2NEC Platforms, Ltd. · Aterm WG1200HS3NEC Platforms, Ltd. · Aterm WG1200HS4NEC Platforms, Ltd. · Aterm WG1800HP3NEC Platforms, Ltd. · Aterm WG1800HP4NEC Platforms, Ltd. · Aterm WG1900HPNEC Platforms, Ltd. · Aterm WG1900HP2NEC Platforms, Ltd. · Aterm WG2600HM4NEC Platforms, Ltd. · Aterm WG2600HP4NEC Platforms, Ltd. · Aterm WG2600HSNEC Platforms, Ltd. · Aterm WG2600HS2NEC Platforms, Ltd. · Aterm WX1500HPNEC Platforms, Ltd. · Aterm WX3000HPNEC Platforms, Ltd. · Aterm WX3600HP

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jpn.nec.com/security-info/secinfo/nv26-001_en.html