CVE-2024-36475

None

Description

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed.

INFO

Published Date :

2024-07-17T08:48:33.524Z

Last Modified :

2024-08-02T03:37:05.246Z

Source :

jpcert

AFFECTED PRODUCTS

The following products are affected by CVE-2024-36475 vulnerability.

Vendors	Products
Centurysys	Futurenet Nxr-1200 Futurenet Nxr-1200 Firmware Futurenet Nxr-120\/c Futurenet Nxr-120\/c Firmware Futurenet Nxr-125\/cx Futurenet Nxr-125\/cx Firmware Futurenet Nxr-1300 Firmware Futurenet Nxr-130\/c Futurenet Nxr-130\/c Firmware Futurenet Nxr-155\/c Firmware Futurenet Nxr-160\/lw Futurenet Nxr-160\/lw Firmware Futurenet Nxr-230\/c Futurenet Nxr-230\/c Firmware Futurenet Nxr-350\/c Futurenet Nxr-350\/c Firmware Futurenet Nxr-530 Futurenet Nxr-530 Firmware Futurenet Nxr-610x Firmware Futurenet Nxr-650 Futurenet Nxr-650 Firmware Futurenet Nxr-g050 Firmware Futurenet Nxr-g060 Firmware Futurenet Nxr-g100 Firmware Futurenet Nxr-g110 Firmware Futurenet Nxr-g120 Firmware Futurenet Nxr-g180\/l-ca Futurenet Nxr-g180\/l-ca Firmware Futurenet Nxr-g200 Firmware Futurenet Vxr-x64 Futurenet Vxr-x86 Futurenet Vxr\/x64 Firmware Futurenet Vxr\/x86 Firmware Futurenet Wxr-250 Futurenet Wxr-250 Firmware

Vendors

Products

Centurysys

Futurenet Nxr-1200
Futurenet Nxr-1200 Firmware
Futurenet Nxr-120\/c
Futurenet Nxr-120\/c Firmware
Futurenet Nxr-125\/cx
Futurenet Nxr-125\/cx Firmware
Futurenet Nxr-1300 Firmware
Futurenet Nxr-130\/c
Futurenet Nxr-130\/c Firmware
Futurenet Nxr-155\/c Firmware
Futurenet Nxr-160\/lw
Futurenet Nxr-160\/lw Firmware
Futurenet Nxr-230\/c
Futurenet Nxr-230\/c Firmware
Futurenet Nxr-350\/c
Futurenet Nxr-350\/c Firmware
Futurenet Nxr-530
Futurenet Nxr-530 Firmware
Futurenet Nxr-610x Firmware
Futurenet Nxr-650
Futurenet Nxr-650 Firmware
Futurenet Nxr-g050 Firmware
Futurenet Nxr-g060 Firmware
Futurenet Nxr-g100 Firmware
Futurenet Nxr-g110 Firmware
Futurenet Nxr-g120 Firmware
Futurenet Nxr-g180\/l-ca
Futurenet Nxr-g180\/l-ca Firmware
Futurenet Nxr-g200 Firmware
Futurenet Vxr-x64
Futurenet Vxr-x86
Futurenet Vxr\/x64 Firmware
Futurenet Vxr\/x86 Firmware
Futurenet Wxr-250
Futurenet Wxr-250 Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-36475.

URL	Resource
https://jvn.jp/en/vu/JVNVU96424864/
https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.html
https://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.html

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact