CVE-2024-31070
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below. * Initialization of a Resource with an Insecure Default (CWE-1188) - CVE-2024-31070 * Active Debug Code (CWE-489) - CVE-2024-36475 * OS Command Injection (CWE-78) - CVE-2024-36491 * Buffer Overflow (CWE-120) - CVE-2020-10188 The product uses previous versions of netkit-telnet which contains a known vulnerability. CVE-2024-31070, CVE-2024-36475 Katsuhiko Sato(a.k.a. goroh_kun) of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer. CVE-2024-36491, CVE-2020-10188 Century Systems Co., Ltd. reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN.
EPSS 2.07% · 84.3th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Century Systems Co., Ltd. | FutureNet NXR-G120 series | |
| Century Systems Co., Ltd. | FutureNet NXR-125/CX | |
| Century Systems Co., Ltd. | FutureNet NXR-610X series | |
| Century Systems Co., Ltd. | FutureNet NXR-G200 series | |
| Century Systems Co., Ltd. | FutureNet VXR/x64 | |
| Century Systems Co., Ltd. | FutureNet NXR-350/C | |
| Century Systems Co., Ltd. | FutureNet NXR-230/C | |
| Century Systems Co., Ltd. | FutureNet NXR-G110 series | |
| Century Systems Co., Ltd. | FutureNet WXR-250 | |
| Century Systems Co., Ltd. | FutureNet NXR-530 | |
| Century Systems Co., Ltd. | FutureNet NXR-650 | |
| Century Systems Co., Ltd. | FutureNet NXR-G060 series | |
| Century Systems Co., Ltd. | FutureNet NXR-1200 | |
| Century Systems Co., Ltd. | FutureNet NXR-160/LW | |
| Century Systems Co., Ltd. | FutureNet VXR/x86 | |
| Century Systems Co., Ltd. | FutureNet NXR-1300 series | |
| Century Systems Co., Ltd. | FutureNet NXR-G180/L-CA | |
| Century Systems Co., Ltd. | FutureNet NXR-155/C series | |
| Century Systems Co., Ltd. | FutureNet NXR-G050 series | |
| Century Systems Co., Ltd. | FutureNet NXR-G100 series |
…and 2 more
Timeline
- Jul 17, 2024 CVE Published
- Jul 18, 2024 EPSS Score
- Aug 2, 2024 CVE Updated
- Aug 9, 2024 EPSS Score
- Sep 21, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 13, 2024 EPSS Score
- Nov 25, 2024 EPSS Score
- Dec 18, 2024 EPSS Score
- Jan 9, 2025 EPSS Score
- Feb 21, 2025 EPSS Score
- Mar 15, 2025 EPSS Score