[Japanese]

JVNDB-2024-003181

Hidden Functionality vulnerability in DT900

Overview

DT900 contains a Hidden Functionality vulnerability(CWE-912). Specified versions allow an attacker to access the system setting.

reported by Mr. Gianluca Altomani and Mr. Manuel Romei. for NEC-PSIRT
CVSS Severity (What is CVSS?)

Affected Products


NEC Corporation
  • DT900

Please refer to Vendor Information for more details.
Impact

Regarding the impact of the vulnerability, please refer to the vendor advisory.

Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

NEC Corporation
CWE (What is CWE?)

  1. Hidden Functionality(CWE-912) [Vendor Evaluation]
CVE (What is CVE?)

  1. CVE-2024-3016
References

Revision History

  • [2024/05/10]
      Web page was published