Cyber Resilience

CVE-2024-28011

Critical

Published: 28 March 2024

Published
28 March 2024
Modified
29 September 2025
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0043 62.7th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-28011 is a critical-severity Hidden Functionality (CWE-912) vulnerability in Nec Aterm Wg1800Hp4 Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 37.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Hidden Functionality vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N,…

more

WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command with the root privilege via the internet

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

nec
aterm wg1800hp4 firmware
all versions
nec
aterm wg1200hs3 firmware
all versions
nec
aterm wg1900hp2 firmware
all versions
nec
aterm wg1200hp3 firmware
all versions
nec
aterm wg1800hp3 firmware
all versions
nec
aterm wg1200hs2 firmware
all versions
nec
aterm wg1900hp firmware
all versions
nec
aterm wg1200hp2 firmware
all versions
nec
aterm w1200ex-ms firmware
all versions
nec
aterm wg1200hs firmware
all versions
+49 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-912

Documenting every system component at the required granularity and reviewing the inventory detects or prevents hidden functionality from remaining undetected.

addresses: CWE-912

Recovery eliminates hidden functionality or backdoors introduced during compromise.

addresses: CWE-912

Policy requires supplier transparency and testing to detect hidden functionality or backdoors inserted in the supply chain.

addresses: CWE-912

Screening high-risk technical positions lowers the probability that hidden functionality or backdoors will be added by authorized personnel.

addresses: CWE-912

Hunting identifies hidden functionality used for persistence or evasion after initial compromise.

addresses: CWE-912

TSCM surveys discover and eliminate hidden surveillance functionality that would otherwise remain undetected in the environment.

addresses: CWE-912

Change control, approval gates, and flaw tracking force hidden functionality to be either documented or discovered and removed.

addresses: CWE-912

Vetting and integrity controls during acquisition reduce the likelihood of hidden backdoors or malicious functionality introduced by suppliers.

References