CVE-2026-4309: Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device infor

Description

A vulnerability, which was classified as critical, has been found in NEC Platforms Aterm W1200EX, Aterm WG1200HP2, Aterm WG1900HP, Aterm WG1200HS2, Aterm WG1800HP3, Aterm WG1200HP3, Aterm WG1900HP2, Aterm WG1200HS3, Aterm WG1800HP4, Aterm WG1200HP4, Aterm WG1200HS4, Aterm WX1500HP, Aterm WG2600HS, Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HP4, Aterm WG2600HM4, Aterm WG2600HS2, Aterm WX3000HP and Aterm WX3600HP. The affected element is an unknown function of the component Setting Handler. Performing a manipulation results in missing authorization.

Affected Products

Vendor	Product	Versions
nec platforms	aterm w1200ex(-ms)	All versions, All versions, All versions, All versions, All versions, All versions, All versions, All versions, All versions, All versions, All versions, Before Ver. 1.4.2, Before Ver. 1.7.2, Before Ver. 1.6.0, Before Ver. 1.5.0, Before Ver. 1.4.2, Before Ver. 1.4.2, Before Ver. 1.3.2, Before Ver. 2.5.0, Before Ver. 1.5.3, Aterm W1200EX, Aterm WG1200HP2, Aterm WG1900HP, Aterm WG1200HS2, Aterm WG1800HP3, Aterm WG1200HP3, Aterm WG1900HP2, Aterm WG1200HS3, Aterm WG1800HP4, Aterm WG1200HP4, Aterm WG1200HS4, Aterm WX1500HP, Aterm WG2600HS, Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HP4, Aterm WG2600HM4, Aterm WG2600HS2, Aterm WX3000HP, Aterm WX3600HP

References

https://jpn.nec.com/security-info/secinfo/nv26-001_en.html

Related News (1 articles)

Tier C

VulDB2h ago

CVE-2026-4309 | NEC Platforms Aterm W1200EX Setting authorization

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-862

Published3/27/2026

Last enriched2h agov2

Trending Score50

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Version History

Last enriched 2h ago

v2Tier C2h ago

Updated severity to CRITICAL, added multiple affected products and versions, and corrected exploit availability status.

descriptionaffectedVersionsseverityactivelyExploited

via VulDB

v12h ago

Initial creation

Description

Affected Products

Vendor

Product

Versions

nec platforms

aterm w1200ex(-ms)

All versions, All versions, All versions, All versions, All versions, All versions, All versions, All versions, All versions, All versions, All versions, Before Ver. 1.4.2, Before Ver. 1.7.2, Before Ver. 1.6.0, Before Ver. 1.5.0, Before Ver. 1.4.2, Before Ver. 1.4.2, Before Ver. 1.3.2, Before Ver. 2.5.0, Before Ver. 1.5.3, Aterm W1200EX, Aterm WG1200HP2, Aterm WG1900HP, Aterm WG1200HS2, Aterm WG1800HP3, Aterm WG1200HP3, Aterm WG1900HP2, Aterm WG1200HS3, Aterm WG1800HP4, Aterm WG1200HP4, Aterm WG1200HS4, Aterm WX1500HP, Aterm WG2600HS, Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HP4, Aterm WG2600HM4, Aterm WG2600HS2, Aterm WX3000HP, Aterm WX3600HP