CVE-2025-0354

Name of the Vulnerable Software and Affected Versions NEC Corporation Aterm WG2600HS versions 1.7.2 and earlier NEC Corporation Aterm WG2600HP4 versions 1.4.2 and earlier NEC Corporation Aterm WG2600HM4 versions 1.4.2 and earlier NEC Corporation Aterm WG2600HS2 versions 1.3.2 and earlier NEC Corporation Aterm WX3000HP versions 2.4.2 and earlier NEC Corporation Aterm WX4200D5 versions 1.2.4 and earlier

Description A cross-site scripting issue allows an attacker to inject an arbitrary script via the network. This can potentially lead to unauthorized actions on the affected system.

Recommendations For NEC Corporation Aterm WG2600HS versions 1.7.2 and earlier, update to a version later than 1.7.2 to resolve the issue. For NEC Corporation Aterm WG2600HP4 versions 1.4.2 and earlier, update to a version later than 1.4.2 to resolve the issue. For NEC Corporation Aterm WG2600HM4 versions 1.4.2 and earlier, update to a version later than 1.4.2 to resolve the issue. For NEC Corporation Aterm WG2600HS2 versions 1.3.2 and earlier, update to a version later than 1.3.2 to resolve the issue. For NEC Corporation Aterm WX3000HP versions 2.4.2 and earlier, update to a version later than 2.4.2 to resolve the issue. For NEC Corporation Aterm WX4200D5 versions 1.2.4 and earlier, update to a version later than 1.2.4 to resolve the issue.