Number: NV26-001
CVE: CVE-2026-4309, CVE-2026-4619, CVE-2026-4620, CVE-2026-4621, CVE-2026-4622

Overview

The Aterm series contains the following vulnerabilities:

- Access Control Bypass Vulnerability (CVE-2026-4309): A third party accessing the product could obtain device-specific information, potentially leading to unauthorized configuration changes.
- Path traversal vulnerability (CVE-2026-4619): A third party accessing the product could overwrite arbitrary files via path traversal.
- OS command injection vulnerability (CVE-2026-4620): A third party accessing the product could execute arbitrary OS commands via OS command injection.
- Undocumented backdoor vulnerability (CVE-2026-4621): Due to the presence of a backdoor function, there is a possibility that a third party accessing the product could enable Telnet
- OS command injection vulnerability (CVE-2026-4622): There is a possibility that a third party accessing the product could execute arbitrary commands

Products Affected

Aterm

Affected Version

- CVE-2026-4309
W1200EX(-MS) All versions
WG1200HP2 All versions
WG1900HP All versions
WG1200HS2 All versions
WG1800HP3 All versions
WG1200HP3 All versions
WG1900HP2 All versions
WG1200HS3: All versions
WG1800HP4: All versions
WG1200HP4: All versions
WG1200HS4: All versions
WX1500HP: Before Ver. 1.4.2
WG2600HS: Before Ver. 1.7.2
WF1200CR: Before Ver. 1.6.0
WG1200CR: Before Ver. 1.5.0
WG2600HP4: Before Ver. 1.4.2
WG2600HM4: Before Ver. 1.4.2
WG2600HS2: Before Ver. 1.3.2
WX3000HP: Before Ver. 2.5.0
WX3600HP: Before Ver. 1.5.3

- CVE-2026-4619, CVE-2026-4620, CVE-2026-4621, CVE-2026-4622
W1200EX(-MS) All versions
WG1200HP2 All versions
WG1900HP All versions
WG1200HS2 All versions
WG1800HP3 All versions
WG1200HP3 All versions
WG1900HP2 All versions
WG1200HS3: All versions
WG1800HP4: All versions
WG1200HP4: All versions
WG1200HS4: All versions
WX1500HP: Before Ver. 1.4.2
WG2600HS: Before Ver. 1.7.2
WF1200CR: Before Ver. 1.6.0
WG1200CR: Before Ver. 1.5.0
WG2600HP4: Before Ver. 1.4.2
WG2600HM4: Before Ver. 1.4.2
WG2600HS2: Before Ver. 1.3.2
WX3000HP: Before Ver. 2.5.0
WX3000HP2: Before Ver. 1.3.2
WX3600HP: Before Ver. 1.5.3

Solution

The solution varies depending on the model, so please refer to the following support pages. (only Japanese)
https://www.aterm.jp/support/tech/2026/0326.html
https://www.aterm.jp/support/tech/2026/0326-2.html
https://www.aterm.jp/web/model/info202603.html
*Note: Issue 1 refers to CVE-2026-4620, CVE-2026-4621, and CVE-2026-4622, while Issue 2 refers to CVE-2026-4619.

References

CVE-2026-4309
https://www.cve.org/CVERecord?id=CVE-2026-4309
CVE-2026-4619
https://www.cve.org/CVERecord?id=CVE-2026-4619
CVE-2026-4620
https://www.cve.org/CVERecord?id=CVE-2026-4620
CVE-2026-4621
https://www.cve.org/CVERecord?id=CVE-2026-4621
CVE-2026-4622
https://www.cve.org/CVERecord?id=CVE-2026-4622

Credit

Update