CVE-2018-16192 — Sensitive Information Exposure in Aterm Wf1200cr Firmware

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 73.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

NEC Aterm Wf1200cr Firmware NEC Aterm Wg1200cr Firmware NEC Corporation Aterm Wf1200cr AND Aterm Wg1200cr

Timeline

PublishedJan 9

Latest updateMay 14

Description

Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allow an attacker on the same network segment to obtain information registered on the device via unspecified vectors.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶NVDnec/aterm_wf1200cr_firmware1.1.1

▶NVDnec/aterm_wg1200cr_firmware1.0.1

▶CVEListV5nec_corporation/aterm_wf1200cr_and_aterm_wg1200cr(Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)

🔴Vulnerability Details

GHSA

GHSA-rv22-5gfw-ccxw: Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1↗2022-05-14

▶

CVEList

CVE-2018-16192: Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1↗2019-01-09

▶