CVE-2024-31070
published 2024-07-17CVE-2024-31070: Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd…
PriorityP262critical9.1CVSS 3.1
AVNACLPRNUINSUCHINAH
EPSS
0.75%
50.3th percentile
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly.
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| century_systems_co_ltd | futurenet_nxr-1200 | — | — |
| century_systems_co_ltd | futurenet_nxr-120_c | — | — |
| century_systems_co_ltd | futurenet_nxr-125_cx | — | — |
| century_systems_co_ltd | futurenet_nxr-1300_series | — | — |
| century_systems_co_ltd | futurenet_nxr-130_c | — | — |
| century_systems_co_ltd | futurenet_nxr-155_c_series | — | — |
| century_systems_co_ltd | futurenet_nxr-160_lw | — | — |
| century_systems_co_ltd | futurenet_nxr-230_c | — | — |
| century_systems_co_ltd | futurenet_nxr-350_c | — | — |
| century_systems_co_ltd | futurenet_nxr-530 | — | — |
| century_systems_co_ltd | futurenet_nxr-610x_series | — | — |
| century_systems_co_ltd | futurenet_nxr-650 | — | — |
| century_systems_co_ltd | futurenet_nxr-g050_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g060_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g100_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g110_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g120_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g180_l-ca | — | — |
| century_systems_co_ltd | futurenet_nxr-g200_series | — | — |
| century_systems_co_ltd | futurenet_vxr_x64 | — | — |
| century_systems_co_ltd | futurenet_vxr_x86 | — | — |
| century_systems_co_ltd | futurenet_wxr-250 | — | — |
| centurysys | futurenet_nxr-1300_firmware | < 7.4.10 | 7.4.10 |
| centurysys | futurenet_nxr-160_lw_firmware | < 21.8.4 | 21.8.4 |
| centurysys | futurenet_nxr-230_c_firmware | < 5.30.13 | 5.30.13 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://jvn.jp/en/vu/JVNVU96424864/https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.htmlhttps://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.htmlhttps://jvn.jp/en/vu/JVNVU96424864/https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.htmlhttps://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.html
2024-07-17
Published