CVE-2024-23628

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 26, 2024

Updated: Feb 1, 2024

CWE ID 77

Summary

CVE-2024-23628 is a command injection vulnerability affecting the Motorola MR2600 device. The issue lies in the 'SaveStaticRouteIPv6Params' parameter, which can be exploited by remote attackers to execute commands. Authentication is required to access this parameter, but the vulnerability can be bypassed, posing a significant security risk. Successful exploitation allows attackers to execute arbitrary commands on the affected system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uMgIU1
https://www.cve.org/CVERecord?id=CVE-2024-23628
https://nvd.nist.gov/vuln/detail/CVE-2024-23628

Back to Vulnerability Database

CVE-2024-23628

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations