CVE-2020-5636

Summary

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.

Affected Software

VendorProductVersion RangeStatus
NEC CorporationAterm SA3500Gfirmware versions prior to Ver. 3.5.9affected

Weaknesses

  • OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

References