CVE-2024-22366

Summary

CVE-2024-22366 is a cyber vulnerability that affects Yamaha wireless LAN access point devices. The vulnerability allows a logged-in user who knows how to use the debug function to enable it on the device's management page, potentially leading to the execution of arbitrary OS commands or alteration of device configurations. The affected products and versions include WLX222 firmware Rev.24.00.03 and earlier, WLX413 firmware Rev.22.00.05 and earlier, WLX212 firmware Rev.21.00.12 and earlier, WLX313 firmware Rev.18.00.12 and earlier, and WLX202 firmware Rev.16.00.18 and earlier. This vulnerability has a base severity score of 6.8 out of 10, with high privileges required for exploitation and high impacts on both integrity and confidentiality of the affected systems. Remediation should involve updating the firmware to versions that address this vulnerability promptly to mitigate potential risks to organizations using these devices. Note: The provided summary is based on the information given in the text and does not include any additional outside research or sources to maintain non-bias as requested by the user

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.