CVE-2024-31070
CRITICAL EPSS 50.3%
Published Jul 17, 20241y ago · Modified Jun 17, 20262w ago
9.1 CVSS 3.1
Published Jul 17, 2024 1y ago
Last Modified Jun 17, 2026 2w ago
Description
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
50.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-1188
Affected Products 33
| Vendor | Product | Version | Range |
|---|---|---|---|
| centurysys | futurenet_nxr-1300_firmware | * | <7.4.10 |
| centurysys | futurenet_nxr-155\/c_firmware | * | any |
| centurysys | futurenet_nxr-610x_firmware | * | <21.14.11c |
| centurysys | futurenet_nxr-g050_firmware | * | <21.12.10 |
| centurysys | futurenet_nxr-g060_firmware | * | <21.15.6 |
| centurysys | futurenet_nxr-g100_firmware | * | <6.23.11 |
| centurysys | futurenet_nxr-g110_firmware | * | <21.7.32 |
| centurysys | futurenet_nxr-g120_firmware | * | <21.15.2c |
| centurysys | futurenet_nxr-g200_firmware | * | <9.12.16 |
| centurysys | futurenet_vxr-x64 | * | <21.7.32 |
| centurysys | futurenet_vxr-x86 | * | <10.1.5 |
| centurysys | futurenet_nxr-160\/lw_firmware | * | <21.8.4 |
| centurysys | futurenet_nxr-160\/lw | * | any |
| centurysys | futurenet_nxr-230\/c_firmware | * | <5.30.13 |
| centurysys | futurenet_nxr-230\/c | * | any |
| centurysys | futurenet_nxr-350\/c_firmware | * | <5.30.9c |
| centurysys | futurenet_nxr-350\/c | * | any |
| centurysys | futurenet_nxr-530_firmware | * | <21.11.14 |
| centurysys | futurenet_nxr-530 | * | any |
| centurysys | futurenet_nxr-650_firmware | * | <21.16.2 |
| centurysys | futurenet_nxr-650_firmware | * | any |
| centurysys | futurenet_nxr-g180\/l-ca_firmware | * | <21.7.28c |
| centurysys | futurenet_nxr-g180\/l-ca | * | any |
| centurysys | futurenet_nxr-130\/c_firmware | * | any |
| centurysys | futurenet_nxr-130\/c | * | any |
| centurysys | futurenet_nxr-125\/cx_firmware | * | any |
| centurysys | futurenet_nxr-125\/cx_firmware | * | any |
| centurysys | futurenet_nxr-120\/c_firmware | * | any |
| centurysys | futurenet_nxr-120\/c | * | any |
| centurysys | futurenet_wxr-250_firmware | * | any |
| centurysys | futurenet_wxr-250 | * | any |
| centurysys | futurenet_nxr-1200_firmware | * | any |
| centurysys | futurenet_nxr-1200 | * | any |
References 3
- jvn.jp https://jvn.jp/en/vu/JVNVU96424864/
- centurysys.co.jp https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.html
- centurysys.co.jp https://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.html
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.