Japanese Wi-Fi router company, NEC has published a list of infected wireless routers. These are vulnerable and if the hacker exploits their vulnerability, they would be able to execute commands via telnet and arbitrary code using UPnP.
Here is list of vulnerabilities and potentially infected NEC wireless routers.
Infected models – WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, W G1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170 N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR840 0N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN, MR02LN, WG1810HP(JE), WG1810HP(MF)
Arbitrary script can be executed by an attacker with high privileges – CVE-2024-28005
Viewing specific files – CVE-2024-28006
An attacker with high privileges can execute arbitrary OS commands with root privileges – CVE-2024-28007
OS commands are executed by an attacker with high privileges – CVE-2024-28008
Possibility to guess default passwords for some functions – CVE-2024-28009
Unnecessary accounts remain for some functions – CVE-2024-28010
Some functions cannot be changed to closed state – CVE-2024-28011
Possibility to guess default passwords for some functions – CVE-2024-28012
WebUI can be accessed over the network – CVE-2024-28013
Command execution due to buffer overflow – CVE-2024-28014
OS commands are executed by an attacker with high privileges – CVE-2024-28015
Viewing specific files – CVE-2024-28016