An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network.CreditsSou Katou of Mitsui & Co. Secure Direction, Inc.Referenceshttps://jpn.nec.com/security-info/secinfo/nv26-003_en.html
