CVE-2025-0355

Name of the Vulnerable Software and Affected Versions NEC Corporation Aterm WG2600HS versions 1.7.2 and earlier NEC Corporation Aterm WF1200CRS versions 1.6.0 and earlier NEC Corporation Aterm WG1200CRS versions 1.5.0 and earlier NEC Corporation Aterm GB1200PE versions 1.3.0 and earlier NEC Corporation Aterm WG2600HP4 versions 1.4.2 and earlier NEC Corporation Aterm WG2600HM4 versions 1.4.2 and earlier NEC Corporation Aterm WG2600HS2 versions 1.3.2 and earlier NEC Corporation Aterm WX3000HP versions 2.4.2 and earlier NEC Corporation Aterm WX4200D5 versions 1.2.4 and earlier

Description The issue allows an attacker to obtain a Wi-Fi password via the network due to missing authentication for a critical function.

Recommendations For NEC Corporation Aterm WG2600HS versions 1.7.2 and earlier, update to a version later than 1.7.2. For NEC Corporation Aterm WF1200CRS versions 1.6.0 and earlier, update to a version later than 1.6.0. For NEC Corporation Aterm WG1200CRS versions 1.5.0 and earlier, update to a version later than 1.5.0. For NEC Corporation Aterm GB1200PE versions 1.3.0 and earlier, update to a version later than 1.3.0. For NEC Corporation Aterm WG2600HP4 versions 1.4.2 and earlier, update to a version later than 1.4.2. For NEC Corporation Aterm WG2600HM4 versions 1.4.2 and earlier, update to a version later than 1.4.2. For NEC Corporation Aterm WG2600HS2 versions 1.3.2 and earlier, update to a version later than 1.3.2. For NEC Corporation Aterm WX3000HP versions 2.4.2 and earlier, update to a version later than 2.4.2. For NEC Corporation Aterm WX4200D5 versions 1.2.4 and earlier, update to a version later than 1.2.4.