CVE-2024-36491

Description

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service (DoS) condition.

CVSS breakdown

Affected products

• Century Systems Co., Ltd. / FutureNet NXR-1200firmware version 5.25.21 and earlier – firmware version 5.25.21 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-120/Cfirmware version 5.25.7H and earlier – firmware version 5.25.7H and earlier
• Century Systems Co., Ltd. / FutureNet NXR-125/CXfirmware version 5.25.7H and earlier – firmware version 5.25.7H and earlier
• Century Systems Co., Ltd. / FutureNet NXR-1300 seriesfirmware version 7.4.9 and earlier – firmware version 7.4.9 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-130/Cfirmware version 5.13.21 and earlier – firmware version 5.13.21 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-155/C seriesfirmware version 5.22.5M and earlier – firmware version 5.22.5M and earlier
• Century Systems Co., Ltd. / FutureNet NXR-160/LWfirmware version 21.8.3 and earlier – firmware version 21.8.3 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-230/Cfirmware version 5.30.12 and earlier – firmware version 5.30.12 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-350/Cfirmware version 5.30.9 and earlier – firmware version 5.30.9 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-530firmware version 21.11.13 and earlier – firmware version 21.11.13 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-610X seriesfirmware version 21.14.11 and earlier – firmware version 21.14.11 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-650firmware version 21.16.1 and earlier – firmware version 21.16.1 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-G050 seriesfirmware version 21.12.9 and earlier – firmware version 21.12.9 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-G060 seriesfirmware version 21.15.5 and earlier – firmware version 21.15.5 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-G100 seriesfirmware version 6.23.10 and earlier – firmware version 6.23.10 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-G110 seriesfirmware version 21.7.30C and earlier – firmware version 21.7.30C and earlier
• Century Systems Co., Ltd. / FutureNet NXR-G120 seriesfirmware version 21.15.2 and earlier – firmware version 21.15.2 and earlier
• Century Systems Co., Ltd. / FutureNet NXR-G180/L-CAfirmware version 21.7.28B and earlier – firmware version 21.7.28B and earlier
• Century Systems Co., Ltd. / FutureNet NXR-G200 seriesfirmware version 9.12.15 and earlier – firmware version 9.12.15 and earlier
• Century Systems Co., Ltd. / FutureNet VXR-x64firmware version 21.7.31 and earlier – firmware version 21.7.31 and earlier
• Century Systems Co., Ltd. / FutureNet VXR-x86firmware version 10.1.4 and earlier – firmware version 10.1.4 and earlier
• Century Systems Co., Ltd. / FutureNet WXR-250firmware version 1.4.7 and earlier – firmware version 1.4.7 and earlier

References

• MISChttps://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.html
• MISChttps://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.html
• MISChttps://jvn.jp/en/vu/JVNVU96424864/