CVE-2024-22366

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Jan 24, 2024
Updated: Jan 30, 2024
CWE ID 78

Summary

CVE-2024-22366 is a cyber vulnerability that affects Yamaha wireless LAN access point devices. The vulnerability allows a logged-in user who knows how to use the debug function to enable it on the device's management page, potentially leading to the execution of arbitrary OS commands or alteration of device configurations. The affected products and versions include WLX222 firmware Rev.24.00.03 and earlier, WLX413 firmware Rev.22.00.05 and earlier, WLX212 firmware Rev.21.00.12 and earlier, WLX313 firmware Rev.18.00.12 and earlier, and WLX202 firmware Rev.16.00.18 and earlier. This vulnerability has a base severity score of 6.8 out of 10, with high privileges required for exploitation and high impacts on both integrity and confidentiality of the affected systems. Remediation should involve updating the firmware to versions that address this vulnerability promptly to mitigate potential risks to organizations using these devices.

Note: The provided summary is based on the information given in the text and does not include any additional outside research or sources to maintain non-bias as requested by the user

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-22366 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options