CVE-2026-4622 HIGH

CVE-2026-4622

Vendor Nec Platforms, Ltd.

Product Aterm WG2600HS

Weakness CWE-78

Published March 27, 2026

Last update April 10, 2026

View on NVD All CVEs

CVSS base score

7.1/10

Attack vector Network

Attack complexity High

Privileges required High

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

Key dates

02Disclosure timeline

March 27, 2026 CVE published

April 10, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-4622 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/78.html

Related vulnerabilities

Identifiers

CVE CVE-2026-4622

CWE CWE-78

CVSS 7.1 / HIGH

Affected versions

Vendor Nec Platforms, Ltd.

Product Aterm WG2600HS

Affected Before Ver. 1.7.2

Vendor Nec Platforms, Ltd.

Product Aterm WF1200CR

Affected Before Ver. 1.6.0

Vendor Nec Platforms, Ltd.

Product Aterm WG1200CR

Affected Before Ver. 1.5.0

Vendor Nec Platforms, Ltd.

Product Aterm WG2600HP4

Affected Before Ver. 1.4.2

Vendor Nec Platforms, Ltd.

Product Aterm WG2600HM4

Affected Before Ver. 1.4.2

Vendor Nec Platforms, Ltd.

Product Aterm WG2600HS2

Affected Before Ver. 1.3.2

Vendor Nec Platforms, Ltd.

Product Aterm WX3000HP

Affected Before Ver. 2.5.0

Vendor Nec Platforms, Ltd.

Product Aterm WX3000HP2

Affected Before Ver. 1.3.2

Vendor Nec Platforms, Ltd.

Product Aterm GB1200PE

Affected Before Ver. 1.3.1

CVE-2026-4622

01Description

02Disclosure timeline

03References

04Related CVE