CVE-2026-4621
Received
Received - Intake
Hidden Functionality in NEC Aterm Enables Unauthorized Telnet Access
Publication date: 2026-03-27
Last updated on: 2026-04-20
Assigner: NEC Corporation
Description
Description
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nec | aterm_wg1200hp4_firmware | * |
| nec | aterm_wg2600hs_firmware | to 1.7.2 (exc) |
| nec | aterm_wf1200cr_firmware | to 1.6.0 (exc) |
| nec | aterm_wg1200cr_firmware | to 1.5.0 (exc) |
| nec | aterm_wg2600hp4_firmware | to 1.4.2 (exc) |
| nec | aterm_wg2600hm4_firmware | to 1.4.2 (exc) |
| nec | aterm_wg2600hs2_firmware | to 1.3.2 (exc) |
| nec | aterm_wx3000hp_firmware | to 2.5.0 (exc) |
| nec | aterm_wx3600hp_firmware | to 1.5.3 (inc) |
| nec | aterm_w1200ex-ms_firmware | * |
| nec | aterm_wg1200hp2_firmware | * |
| nec | aterm_wg1900hp_firmware | * |
| nec | aterm_wg1200hs2_firmware | * |
| nec | aterm_wg1800hp3_firmware | * |
| nec | aterm_wg1200hp3_firmware | * |
| nec | aterm_wg1900hp2_firmware | * |
| nec | aterm_wg1200hs3_firmware | * |
| nec | aterm_wg1800hp4_firmware | * |
| nec | aterm_wg1200hs4_firmware | * |
| nec | aterm_wx1500hp_firmware | to 1.4.2 (exc) |
| nec | aterm_wx3000hp2_firmware | to 1.3.2 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-912 | The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators. |
