CVE-2024-22366

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Jan 24, 2024

Updated: Jan 30, 2024

CWE ID 78

Summary

CVE-2024-22366 is a vulnerability affecting several models of Yamaha wireless LAN access points, including WLX222, WLX413, WLX212, WLX313, and WLX202. A debug function in these devices can be enabled by a logged-in user with specific knowledge, leading to the execution of arbitrary OS commands or configuration modifications. This issue affects firmware versions Rev.24.00.03 and earlier for WLX222, Rev.22.00.05 and earlier for WLX413, Rev.21.00.12 and earlier for WLX212, Rev.18.00.12 and earlier for WLX313, and Rev.16.00.18 and earlier for WLX202.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Yamaha

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uFJ9oC
https://www.cve.org/CVERecord?id=CVE-2024-22366
https://nvd.nist.gov/vuln/detail/CVE-2024-22366

Back to Vulnerability Database

CVE-2024-22366

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations