CVE-2018-0632

HIGH

Aterm W300P Firmware < 1.0.13 - Authenticated Buffer Overflow via HTTP Request

Title source: llm

Description

Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via HTTP request and response.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://jpn.nec.com/security-info/secinfo/nv18-011.html

Third Party Advisory third-party-advisory x_refsource_jvn

https://jvn.jp/en/jp/JVN26629618/index.html

Scores

CVSS v3 7.2

EPSS 0.0180

EPSS Percentile 75.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

nec/aterm_w300p_firmware < 1.0.13

Published Jan 09, 2019

Tracked Since Feb 18, 2026