CVE-2024-53939

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 2, 2024

Updated: Dec 3, 2024

CWE ID 78

Summary

CVE-2024-53939 is a vulnerability affecting Victure RX1800 WiFi 6 Routers with software EN_V1.0.0_r12_110933 and hardware version 1.0. The endpoint /cgi-bin/luci/admin/opsw/Dual_freq_un_apple is found to be susceptible to command injection. This vulnerability can be exploited by sending crafted input through the 2.4 GHz and 5 GHz name parameters. An attacker, upon successful exploitation, can execute arbitrary commands on the device with root-level permissions. This poses a significant security risk as an attacker could potentially take control of the router's functionality and gain unauthorized access to sensitive data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database