Skip to main content

Severity by source

NVD PRIMARY
6.3 MEDIUM
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
EUVD ID Assigned
Mar 27, 2026 - 12:15 euvd
EUVD-2026-16589
Analysis Generated
Mar 27, 2026 - 12:15 vuln.today
CVE Published
Mar 27, 2026 - 11:52 nvd
MEDIUM 6.3

DescriptionCVE.org

Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network.

AnalysisAI

NEC Aterm wireless router series (including WG1200HP2, WG1900HP, WG1800HP3, WG1200HP4, and nine other models) contain hidden telnet functionality that can be remotely enabled by unauthenticated network attackers via unspecified means, classified as CWE-912 (Hidden Functionality). The vulnerability carries a CVSS 6.3 score reflecting network-accessible attack vector with high complexity requirements and limited confidentiality/integrity impact. No public exploit code or active exploitation via CISA KEV has been confirmed at analysis time, though the remote enablement of administrative telnet access represents a significant privilege escalation pathway for subsequent unauthorized system access.

Technical ContextAI

The vulnerability exists in NEC Platforms, Ltd. Aterm series routers, a consumer/small-business wireless networking product line widely deployed across Japanese and Asian markets. The root cause is classified as CWE-912 (Hidden Functionality in Binary Black-Box), indicating that undocumented administrative or debugging telnet functionality exists within firmware but is not exposed through normal configuration interfaces. An attacker with network access can trigger activation of this hidden service without authentication (PR:N per CVSS vector), likely through malformed requests, specific packet sequences, or exploitation of an undocumented configuration parameter. Telnet is an unencrypted remote shell protocol; once enabled, it typically allows full device administration with root or equivalent privileges, making it a high-value post-exploitation target even if the initial enablement attack vector is difficult (AC:H).

RemediationAI

Check the NEC security advisory at https://jpn.nec.com/security-info/secinfo/nv26-001_en.html for firmware patches specific to your Aterm model and apply the latest available firmware version immediately. If exact patch versions are not yet released, isolate affected routers from untrusted networks using firewall rules that restrict inbound access to the device management interface, disable remote management features if available, and implement network segmentation to limit potential telnet access pathways. Periodically monitor NEC's security announcements for patch releases for your specific Aterm model, and disable or restrict telnet in favor of SSH if administrative access via telnet becomes unexpectedly enabled.

Share

CVE-2026-4621 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy