Volerion logoVolerion
Volerion logoVolerion

NEC Aterm Series Cross-Site Scripting Vulnerability

Vulnerability

A cross-site scripting vulnerability has been identified in the NEC Aterm series routers. This issue allows arbitrary scripts to be executed in the web browser of a user accessing the web management interface over an adjacent network. The vulnerability affects several models, including the WX1800HP, WX5400HP, WX7800T8, WX11000T12, WX3000HP2, WX4200D5, GX621A1, SH621A1, and 19000T12BE, all prior to their respective latest versions.

Impact

Exploitation of this vulnerability allows for cross-site scripting, where an attacker can inject and execute malicious scripts in the context of the user's browser.

Remediation

Users are advised to update their devices to the latest version. For more information, please visit the NEC Aterm support page (available only in Japanese).

Added: May 26, 2026, 8:17 PM
Updated: May 26, 2026, 8:17 PM

Vulnerability Rating

Custom Algorithm
spread
2.6
impact
1.7
exploitability
4.6
remediation
7.7
relevance
9.4
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.