CVE-2024-23627

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 26, 2024

Updated: Feb 1, 2024

CWE ID 77

Summary

CVE-2024-23627 is a newly disclosed command injection vulnerability affecting the Motorola MR2600. An attacker can exploit this flaw in the 'SaveStaticRouteIPv4Params' parameter to inject and execute arbitrary commands. Authentication is required for this action, but the vulnerability may allow for bypassing this security measure. Successful exploitation could lead to significant compromise of affected systems. This issue represents a serious concern for organizations utilizing Motorola MR2600 devices and requires immediate attention and remediation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uMhg1O
https://www.cve.org/CVERecord?id=CVE-2024-23627
https://nvd.nist.gov/vuln/detail/CVE-2024-23627

Back to Vulnerability Database

CVE-2024-23627

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations