CVE-2024-36491
published 2024-07-17CVE-2024-36491: FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain…
PriorityP350critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.65%
46.5th percentile
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service (DoS) condition.
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| century_systems_co_ltd | futurenet_nxr-1200 | — | — |
| century_systems_co_ltd | futurenet_nxr-120_c | — | — |
| century_systems_co_ltd | futurenet_nxr-125_cx | — | — |
| century_systems_co_ltd | futurenet_nxr-1300_series | — | — |
| century_systems_co_ltd | futurenet_nxr-130_c | — | — |
| century_systems_co_ltd | futurenet_nxr-155_c_series | — | — |
| century_systems_co_ltd | futurenet_nxr-160_lw | — | — |
| century_systems_co_ltd | futurenet_nxr-230_c | — | — |
| century_systems_co_ltd | futurenet_nxr-350_c | — | — |
| century_systems_co_ltd | futurenet_nxr-530 | — | — |
| century_systems_co_ltd | futurenet_nxr-610x_series | — | — |
| century_systems_co_ltd | futurenet_nxr-650 | — | — |
| century_systems_co_ltd | futurenet_nxr-g050_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g060_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g100_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g110_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g120_series | — | — |
| century_systems_co_ltd | futurenet_nxr-g180_l-ca | — | — |
| century_systems_co_ltd | futurenet_nxr-g200_series | — | — |
| century_systems_co_ltd | futurenet_vxr_x64 | — | — |
| century_systems_co_ltd | futurenet_vxr_x86 | — | — |
| century_systems_co_ltd | futurenet_wxr-250 | — | — |
| centurysys | futurenet_nxr-1300_firmware | < 7.4.10 | 7.4.10 |
| centurysys | futurenet_nxr-160_lw_firmware | < 21.8.4 | 21.8.4 |
| centurysys | futurenet_nxr-230_c_firmware | < 5.30.13 | 5.30.13 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://jvn.jp/en/vu/JVNVU96424864/https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.htmlhttps://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.htmlhttps://jvn.jp/en/vu/JVNVU96424864/https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.htmlhttps://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.html
2024-07-17
Published