CVE-2026-6059

Published: May 25, 2026

Modified: May 26, 2026

PUBLISHED

Description

A cross-site scripting vulnerability exists in Aterm. Arbitrary scripts may be executed in the web browser of a user accessing the web management interface via adjacent network.

Vendor	Product	Versions
NEC Platforms, Ltd.	Aterm WX1800HP	affected `Before Ver. 3.2.2`
NEC Platforms, Ltd.	Aterm WX5400HP	affected `Before Ver. 2.1.0`
NEC Platforms, Ltd.	Aterm WX7800T8	affected `Before Ver. 1.5.1`
NEC Platforms, Ltd.	Aterm WX11000T12	affected `Before Ver. 1.4.0`
NEC Platforms, Ltd.	Aterm WX3000HP2	affected `Before Ver. 1.3.2`
NEC Platforms, Ltd.	Aterm WX4200D5	affected `Before Ver. 1.3.5`
NEC Platforms, Ltd.	Aterm GX621A1	affected `Before Ver. 3.2.2`
NEC Platforms, Ltd.	Aterm SH621A1	affected `Before Ver. 3.2.2`
NEC Platforms, Ltd.	Aterm 19000T12BE	affected `Before Ver. 1.1.0`

Weaknesses (CWE)

CWE-79

References

https://jpn.nec.com/security-info/secinfo/nv26-002_en.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-6059

Description

Affected Products

Weaknesses (CWE)

References