RCE in Nec Platforms, Ltd. Aterm Wx1500hp

CVE-2026-4620

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.000 (13.8th percentile) — read the EPSS interpretation.

Affected products

Nec Platforms, Ltd. Aterm Wx1500hp — versions Before Ver. 1.4.2
Nec Platforms, Ltd. Aterm Wx3600hp — versions Before Ver. 1.4.2

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

jpn.nec.com/security-info/secinfo/nv26-001_en.html