CVE-2024-28014

Name: CVE-2024-28014
Creator: NVD / NIST
Published: 2024-03-28T01:15:47.773+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10EPSS 0.69%

Last modified Jun 17, 2026

CVE-2024-28014 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Stack-based Buffer Overflow vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command via the internet.. EPSS estimates a 0.69% chance of exploitation in the next 30 days.

Description

Stack-based Buffer Overflow vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command via the internet.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.69%

48.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Nec	Aterm Wg1800hp4 Firmware	All versions
Nec	Aterm Wg1200hs3 Firmware	All versions
Nec	Aterm Wg1900hp2 Firmware	All versions
Nec	Aterm Wg1200hp3 Firmware	All versions
Nec	Aterm Wg1800hp3 Firmware	All versions
Nec	Aterm Wg1200hs2 Firmware	All versions
Nec	Aterm Wg1900hp Firmware	All versions
Nec	Aterm Wg1200hp2 Firmware	All versions
Nec	Aterm W1200ex-Ms Firmware	All versions
Nec	Aterm Wg1200hs Firmware	All versions
Nec	Aterm Wg1200hp Firmware	All versions
Nec	Aterm Wf300hp2 Firmware	All versions
Nec	Aterm W300p Firmware	All versions
Nec	Aterm Wf800hp Firmware	All versions
Nec	Aterm Wr8165n Firmware	All versions
Nec	Aterm Wg2200hp Firmware	All versions
Nec	Aterm Wf1200hp2 Firmware	All versions
Nec	Aterm Wg1800hp2 Firmware	All versions
Nec	Aterm Wf1200hp Firmware	All versions
Nec	Aterm Wg600hp Firmware	All versions
Nec	Aterm Wg300hp Firmware	All versions
Nec	Aterm Wf300hp Firmware	All versions
Nec	Aterm Wg1800hp Firmware	All versions
Nec	Aterm Wg1400hp Firmware	All versions
Nec	Aterm Wr8175n Firmware	All versions
Nec	Aterm Wr9300n Firmware	All versions
Nec	Aterm Wr8750n Firmware	All versions
Nec	Aterm Wr8160n Firmware	All versions
Nec	Aterm Wr9500n Firmware	All versions
Nec	Aterm Wr8600n Firmware	All versions
Nec	Aterm Wr8370n Firmware	All versions
Nec	Aterm Wr8170n Firmware	All versions
Nec	Aterm Wr8700n Firmware	All versions
Nec	Aterm Wr8300n Firmware	All versions
Nec	Aterm Wr8150n Firmware	All versions
Nec	Aterm Wr4100n Firmware	All versions
Nec	Aterm Wr4500n Firmware	All versions
Nec	Aterm Wr8100n Firmware	All versions
Nec	Aterm Wr8500n Firmware	All versions
Nec	Aterm Cr2500p Firmware	All versions
Nec	Aterm Wr8400n Firmware	All versions
Nec	Aterm Wr8200n Firmware	All versions
Nec	Aterm Wr1200h Firmware	All versions
Nec	Aterm Wr7870s Firmware	All versions
Nec	Aterm Wr6670s Firmware	All versions
Nec	Aterm Wr7850s Firmware	All versions
Nec	Aterm Wr6650s Firmware	All versions
Nec	Aterm Wr6600h Firmware	All versions
Nec	Aterm Wr7800h Firmware	All versions
Nec	Aterm Wm3400rn Firmware	All versions

Showing 50 of 59 affected configurations. See NVD for the full list.

References

https://jpn.nec.com/security-info/secinfo/nv24-001_en.htmlVendor Advisory
https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.htmlBroken Link

Timeline

Published: Mar 28, 2024
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2024-28014?

How severe is CVE-2024-28014?

CVE-2024-28014 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 0.69% probability of exploitation in the next 30 days.

How do I fix CVE-2024-28014?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2024-28014?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST