CVE-2026-4620: OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS command

Description

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

Vendor	Product	Versions
nec platforms	aterm wx1500hp	Before Ver. 1.4.2, Before Ver. 1.4.2

Tier C

VulDB4h ago

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-78

Published3/27/2026

Last enriched4h agov2

Trending Score44

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

0 upvotes0 downvotes

No votes yet

State: unverified

Confidence: 0%

Last enriched 4h ago

v2Tier C4h ago

Updated vendor to NEC Platforms, added Aterm WX3600HP as a product, changed severity to CRITICAL, and noted that no exploit is available.

severityactivelyExploited

via VulDB

v14h ago

Initial creation