Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.
AnalysisAI
Multiple NEC Aterm wireless router models are vulnerable to OS command injection that enables network-based attackers with high privileges and user interaction to execute arbitrary operating system commands. The vulnerability carries a CVSS 4.0 score of 7.1 and affects at least eight router models in the Aterm series including WG2600HS, WF1200CR, WG1200CR, WG2600HP4, WG2600HM4, WG2600HS2, WX3000HP, and WX3000HP2. No public exploit identified at time of analysis, though exploitation requires both elevated privileges and user interaction which reduces immediate risk.
Technical ContextAI
This is a CWE-78 OS Command Injection vulnerability affecting the firmware of NEC Platforms Aterm-branded wireless routers and gateways. Command injection vulnerabilities occur when an application passes unsafe user-supplied data to a system shell, allowing attackers to append additional commands that execute with the privileges of the vulnerable application. The affected products include consumer and small business wireless routers spanning multiple model generations: cpe:2.3:a:nec_platforms,_ltd.:aterm_wg2600hs, aterm_wf1200cr, aterm_wg1200cr, aterm_wg2600hp4, aterm_wg2600hm4, aterm_wg2600hs2, aterm_wx3000hp, and aterm_wx3000hp2. Based on the network attack vector and router context, the vulnerability likely exists in the device's web management interface or administrative API where input validation fails to properly sanitize commands before passing them to underlying system calls.
RemediationAI
Consult the NEC security advisory at https://jpn.nec.com/security-info/secinfo/nv26-001_en.html for specific firmware updates addressing this vulnerability for each affected Aterm router model. Apply the latest firmware updates provided by NEC Platforms as soon as testing permits. Until patching is completed, restrict administrative access to the router management interface to trusted IP addresses only, disable remote management features if not required, enforce strong unique administrative passwords, implement network segmentation to isolate router management interfaces from general user networks, and monitor administrative access logs for suspicious activity. Consider deploying the routers behind additional network security controls if they must remain accessible for remote administration before patches can be applied.
More in Aterm Wg2600Hs
View allNEC Aterm wireless router series (including WG1200HP2, WG1900HP, WG1800HP3, WG1200HP4, and nine other models) contain hi
NEC Aterm wireless router series (W1200Ex-MS, WG1200HP2, WG1900HP, WG1800HP3, WG1800HP4, WG1200HP3, WG1200HP4, WG1200HS2
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-16591